RSA, The Security Division of EMC (NYSE:EMC), today announced new capabilities have been added to RSA® Security Analytics that are designed to help organizations extend protection of their infrastructure into the cloud. RSA Security Analytics is engineered to give organizations the necessary context to help detect and respond to today’s advanced attack campaigns before they can damage the business. This release also is built to offer visibility into attacks that target critical customer-facing web and mobile applications, and introduces data privacy capabilities. In addition to extending the reach into the cloud, RSA Security Analytics is now being offered with new pricing and packaging options including throughput-based pricing that better aligns the investment to the scale of the customer deployment for better cost efficiency. In addition, customers will also be able to leverage their own storage investments.
While logs are a valuable piece of the puzzle, they’re limited by what the preventative controls they monitor can detect, and alone are not enough to identify advanced attacks. In fact, most successful attacks go undiscovered by logs alone. In addition, even when log-based Security Incident and Event Management (SIEM) systems are able to detect the faint signals of an attack, they are unable to piece them together to provide security analysts with the understanding to quickly respond to and disrupt the attack. Instead they overwhelm analysts with alerts that lack the context needed to take action.
Security teams need to take a multifaceted and integrated approach to security in order to fully comprehend an attack, speed up response time when an incident occurs, and facilitate a return to business as usual. RSA Security Analytics is designed to aggregate logs, along with data from network packets, endpoints, and now the cloud, and contextually analyzes the data to help allow organizations to quickly and fully understand what was targeted, the attacker’s strategy and actions within the organization, and the magnitude of the attack such that they can respond before a breach of confidential information can occur. This release also is engineered to introduce the ability for customers also leveraging RSA® Web Threat Detection to correlate enterprise attacks with web and mobile application exploitation, which is designed to help organizations defend against both security attacks and fraudulent user activity that targets their critical customer-facing web and mobile applications. The addition of cloud and application insight reiterates RSA’s commitment to offering the broadest visibility in the industry to help detect and respond to advanced cyber attacks.
Additionally, RSA Security Analytics is now more accessible to customers and channel partners through the addition of flexible pricing and packaging options. Organizations can now choose from deployment models that include throughput based pricing, subscription options and use case based packages. With this release customers can also leverage their own storage with RSA Security Analytics. Throughput based pricing lets customers tailor their purchase to fit their exact needs and, by leveraging existing storage, could potentially lower the total cost of ownership to deploy. Customers and partners also have the option to shift to an operational expense model by leveraging subscription based pricing.
Finally, RSA Security Analytics is now engineered to include new data privacy capabilities. This feature is designed to offer the ability to share valuable insight to security analysts without exposing them to their organization’s or employees’ most sensitive data, like PII. The ability to redact specific information will allow users to focus on safeguarding their organization without violating data privacy guidelines. These new capabilities for RSA Security Analytics are all available this quarter.
Grant Geyer, Senior Vice President, Products, RSA
“As the threat landscape grows in complexity and more advanced attacks emerge, organizations can no longer rely solely on a log-centric approach to security. RSA Security Analytics is what SIEM was meant to be by giving enterprises the ability to detect attacks missed by other tools and respond before attackers can do damage. By integrating a wide range of inputs from packets, to logs, to endpoints, RSA Security Analytics exposes attacks that would otherwise go unnoticed. ”
Jon Oltsik, Principal Analyst, Enterprise Strategy Group
“It is clear that protection technologies alone are inadequate for blocking today’s advanced attacks. This is where the security industry needs to move beyond legacy approaches so that they can gain the needed visibility into suspicious behavior and the latest threats. Traditional log-centric SIEM is no longer enough; information security analytics must collect and analyze the right data for more rapid cyber-attack detection before these attacks can inflict damage and loss on an organization.”
- Download The Evolution of SIEM e-book for additional insight on why it is critical to move beyond logs to defend against attacks
- Connect with RSA via Twitter, Facebook, YouTube, LinkedIn and the RSA Speaking of Security Blog and Podcast
Intelligence Driven Security solutions help organizations reduce the risks of operating in a digital world. Through visibility, analysis, and action, RSA solutions give customers the ability to detect, investigate and respond to advanced threats; confirm and manage identities; and ultimately, help prevent IP theft, fraud and cybercrime. For more information on RSA, please visit www.rsa.com.
RSA and EMC are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries. All other company and product names may be trademarks of their respective owners.
RSA, The Security Division of EMC