Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

5/25/2021
04:20 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

NetWitness Cloud SIEM Offers Enterprises High-Performance Threat Detection and Response

BEDFORD, Mass.--(BUSINESS WIRE)--NetWitness, an RSA business (@RSAsecurity), a globally trusted partner for some of the world’s largest and most security sensitive organizations, today introduced NetWitness® Cloud SIEM, a cloud-based threat detection and response solution that delivers pervasive visibility, multi-faceted analytics, and automated response capabilities without the need for on-premise deployment and administration.

NetWitness Cloud SIEM provides enterprises with the same rich log management, retention, reporting, and analytics services long utilized by on-premise customers for threat detection and response, but in cloud form. This new deployment option makes it easy for NetWitness customers to take advantage of evolved SIEM without expending the resources associated with planning, sizing, deploying, updating, and administering the solution in their local data center. This announcement comes shortly after the introduction of NetWitness Detect AI, a cloud-native analytics and machine learning solution that provides rapid detection and actionable insights on data captured by the NetWitness Platform.

“SIEM has become essential technology for a wide range of organizational needs, from traditional compliance requirements to functions like security and forensics. As enterprises undertake digital transformation initiatives, a significant part of that strategy is transitioning capabilities to the cloud,” said Dr. Zulfikar Ramzan, Chief Technology and Product Officer of NetWitness. “NetWitness SIEM already provides robust monitoring capabilities for cloud infrastructure. We’re now excited to be offering the cloud-based critical threat detection and response functionality needed for today’s modern enterprises, which provides them with both simplicity and performance.”

Attacks on technology infrastructure are not only increasing in volume, but also in complexity, making responding to cyber-threats a constantly evolving challenge for enterprises of all sizes, across all industries. The rise in digital transformation and continued migration to the cloud adds further complications as bad actors are able to attack IT infrastructures in new ways.

NetWitness Cloud SIEM is the latest addition to the NetWitness Platform, an evolved SIEM and XDR solution that enables security teams to detect, understand the full scope of a compromise, and automatically respond to security threats across modern IT infrastructures. The NetWitness Platform delivers enhanced visibility, integrating logs, network data and endpoints, applying threat intelligence and user behavior analytics to detect, prioritize, investigate threats and automate response, improving the effectiveness and efficiency of security strategies.

Visit the NetWitness Cloud SIEM web page to learn more about the solution and schedule a demo.

AVAILABILITY

NetWitness Cloud SIEM will be available globally in Q2.

ADDITIONAL RESOURCES

ABOUT NetWitness
NetWitness, an RSA® Business, provides comprehensive and highly scalable threat detection and response capabilities for organizations around the world. The NetWitness Platform delivers complete visibility combined with applied threat intelligence and user behavior analytics to detect, prioritize, investigate threats, and automate response. This empowers security analysts to be more efficient and stay ahead of business-impacting threats. For more information, go to netwitness.com.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
What the FedEx Logo Taught Me About Cybersecurity
Matt Shea, Head of Federal @ MixMode,  6/4/2021
Edge-DRsplash-10-edge-articles
A View From Inside a Deception
Sara Peters, Senior Editor at Dark Reading,  6/2/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-34682
PUBLISHED: 2021-06-12
Receita Federal IRPF 2021 1.7 allows a man-in-the-middle attack against the update feature.
CVE-2021-31811
PUBLISHED: 2021-06-12
In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CVE-2021-31812
PUBLISHED: 2021-06-12
In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CVE-2021-32552
PUBLISHED: 2021-06-12
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users.
CVE-2021-32553
PUBLISHED: 2021-06-12
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users.