Analytics
9/19/2012
07:37 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

RSA Launches Incident Response And Breach Readiness Services To Help Customers Turn The Tide On Advanced Threats

RSA Advanced Cyber Defense Services help organizations create proactive strategies for defending their digital assets against a wide range of threats

BEDFORD, MASS , SEPTEMBER 19, 2012 -

With the sophistication of Advanced Persistent Threats (APT) posing new risks to enterprises and governments, RSA, The Security Division of EMC® Corporation (NYSE: EMC), today introduced RSA® Advanced Cyber Defense Services (ACD). The new portfolio of services, including incident response and breach readiness assessment, are designed to rapidly assist an organization during an incident or breach and provide a programmatic path to help enable organizations to proactively prepare for, respond to, and mitigate advanced cyber threats.

According to the Verizon 2012 Data Breach Investigations Report, of the 855 breaches investigated in 2011, 85% took several weeks or more to be discovered and 92% of incidents were first discovered by a third-party. RSA Advanced Cyber Defense Services are designed to help businesses prepare for, discover and respond to these threats, with a methodical and repeatable approach that is designed to minimize risk and the business impact of incidents.

Built on RSA's experience as well as real-world situations, RSA Advanced Cyber Defense Services are designed to handle today's changing security landscape. Using a multi-tier threat-based approach, this portfolio of services focuses on the protection of crucial business assets by applying proven operational strategy to address the lifecycle of a breach from front line cyber breach preparedness to breach remediation and prevention. Combining a flexible threat-based platform, increased visibility and agile controls, businesses can manage threats throughout the enterprise, leverage advanced monitoring and high-speed analytics to achieve a better understanding of their security posture, as well as adjust controls to meet changing threat environments.

Led by a world-class team of experienced cyber-defense professionals, the RSA Advanced Cyber Defense Services are designed to employ a combination of proven technology and services. Key components include:

· Breach Readiness – focuses on an organization's advanced threat preparedness, operational breach response and management capabilities supplemented with a maturity analysis and program design.

· Incident Response & Discovery – built off threat-intelligence research from the RSA NetWitness® platform and utilizing recently acquired endpoint monitoring technology from Silicium Security, RSA takes a holistic approach to incident response comprised of advanced threat discovery, response and remediation across the network and host, tailored to include tactical attack surface enumeration, high-value target identification and exploitation defense measures.

· Cyber-Threat Intelligence – leverages threat intelligence and advanced analytics to create a proactive approach to identifying threat artifacts and anomalies that reside in large volumes of data to determine the root vector, targeting motive and severity of an attack.

· Breach Management – provides workflow automation and the processes and procedures used for a closed-loop incident handling process using the RSA Archer® Threat Management and Incident Management solutions.

· Identity Infrastructure Information (I3) – helps address secure privileged account management, secure communications, information rights/data classification and post-breach active directory remediation and security.

· Next Generation Security Operations Center (SOC) Design & Implementation – utilizes proven tactical implementation methods and leverages RSA SOC practitioners to design, operate, train, and eventually transition operations to an organization.

In addition to offering these new services to large commercial organizations worldwide, RSA Advanced Cyber Defense Services will also be provided to organizations in the U.S. Federal Government through RSA's Federal and Critical Infrastructure Business led by Rear Admiral (Ret.) Mike Brown, former Director , Cybersecurity Coordination and Deputy Assistant Secretary of Cybersecurity at the Dept. of Homeland Security.

RSA EXECUTIVE QUOTE:

Peter Tran, Senior Director, RSA Advanced Cyber Defense Practice

"Every business today rests on a digital foundation, and protecting those digital assets has never been more crucial--or more challenging. RSA Advanced Cyber Defense Services help customers take a proactive, practical approach to their security posture, from strategy and implementation to operation and analysis. Our methodologies and services are pragmatic, based on real-world experiences with our own business and our visibility into the challenges and adversaries facing our thousands of customers. Our goal is to help ensure our customers are in the best position possible to diminish risks and quickly respond to breaches should they occur."

ANALYST QUOTE:

Lawrence Pingree, Research Director, Gartner

"With the prevalence and sophistication of advanced threats continually mounting against enterprises, it's as important as ever for organizations to have a comprehensive readiness strategy. External services can certainly be a critical enabler to help get customers over incident response hurdles, helping customers develop a programmatic and methodical approach to breach preparedness, response and mitigation."

AVAILABILITY

RSA Advanced Cyber Defense Services are now available to customers in North America and Europe. RSA will announce general availability of these services worldwide by the end of 2012.

On Wed., Oct. 3 at 1:00 pm Eastern Time, RSA will host a webcast with the Financial Services Information Sharing and Analysis Center (FS-ISAC) to provide additional detail and answer questions about the features and benefits of the RSA Advanced Cyber Defense Services and how enterprises can improve incident response and breach readiness. Please register at:https://fsisac.webex.com/fsisac/onstage/g.php?t=a&d=665080769

ADDITIONAL RESOURCES:

· Get more information on RSA Advanced Cyber Defense Services

· Listen to RSA's Peter Tran discuss RSA Advanced Cyber Defense Services on the RSA Speaking of Security Podcast

· Find out more about Silicium Security

· RSA-Booz Allen Hamilton Joint Press Release

· Connect with RSA via Twitter, Facebook, YouTube, LinkedIn and the RSA Speaking of Security Blog and Podcast.

ABOUT EMC

EMC Corporation is a global leader in enabling businesses and service providers to transform their operations and deliver IT as a service. Fundamental to this transformation is cloud computing. Through innovative products and services, EMC accelerates the journey to cloud computing, helping IT departments to store, manage, protect and analyze their most valuable asset -- information -- in a more agile, trusted and cost-efficient way. Additional information about EMC can be found at www.EMC.com

ABOUT RSA

RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world's leading organizations succeed by solving their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.

Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention and Fraud Protection with industry leading eGRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated. For more information, please visitwww.EMC.com/RSA.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2008-3277
Published: 2014-04-15
Untrusted search path vulnerability in a certain Red Hat build script for the ibmssh executable in ibutils packages before ibutils-1.5.7-2.el6 in Red Hat Enterprise Linux (RHEL) 6 and ibutils-1.2-11.2.el5 in Red Hat Enterprise Linux (RHEL) 5 allows local users to gain privileges via a Trojan Horse p...

CVE-2010-2236
Published: 2014-04-15
The monitoring probe display in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 4.0.0 through 4.2.0 and 5.1.0 through 5.3.0, and Proxy 5.3.0, allows remote authenticated users with permissions to administer monitoring probes to execute arbitrary code via unspecified vectors, rela...

CVE-2011-3628
Published: 2014-04-15
Untrusted search path vulnerability in pam_motd (aka the MOTD module) in libpam-modules before 1.1.3-2ubuntu2.1 on Ubuntu 11.10, before 1.1.2-2ubuntu8.4 on Ubuntu 11.04, before 1.1.1-4ubuntu2.4 on Ubuntu 10.10, before 1.1.1-2ubuntu5.4 on Ubuntu 10.04 LTS, and before 0.99.7.1-5ubuntu6.5 on Ubuntu 8.0...

CVE-2012-0214
Published: 2014-04-15
The pkgAcqMetaClearSig::Failed method in apt-pkg/acquire-item.cc in Advanced Package Tool (APT) 0.8.11 through 0.8.15.10 and 0.8.16 before 0.8.16~exp13, when updating from repositories that use InRelease files, allows man-in-the-middle attackers to install arbitrary packages by preventing a user fro...

CVE-2013-4768
Published: 2014-04-15
The web services APIs in Eucalyptus 2.0 through 3.4.1 allow remote attackers to cause a denial of service via vectors related to the "network connection clean up code" and (1) Cloud Controller (CLC), (2) Walrus, (3) Storage Controller (SC), and (4) VMware Broker (VB).

Best of the Web