News summary:
* RSA announces RSA NetWitness Spectrum, an analytical workbench that automates the identification, analysis and prioritisation of malware missed by preventative tools.
* Additional new partners provide deeper threat intelligence and situational awareness.
* Increased coverage of file types analysed by RSA NetWitness Spectrum.
RSA, the security division of EMC (NYSE: EMC), has announced new capabilities for RSA NetWitness Spectrum, an analytical workbench that revolutionises the identification, analysis and prioritisation of malware-based threats to enterprise networks.
The new capabilities in RSA NetWitness Spectrum provide support for real-time analysis of an expanded list of content types associated with many of the most critical advanced threat vectors. RSA has also added a host of new intelligence partners, expanding the multi-source community of expertise from which RSA NetWitness Spectrum draws its unparalleled situational awareness. These advanced capabilities in RSA NetWitness Spectrum are engineered to enable security operations centres to identify and mitigate serious problems missed by both traditional and modern approaches to malware protection.
“The days of signatures, blacklists and purpose-built security defences alone are gone,” said Jon Oltsik, Senior Principal Analyst at Enterprise Strategy Group. “At best, these products provide baseline protection. What's needed is an approach that looks beyond basic patterns, models the subtle ebbs and flows of network activity, then analyses how content and behaviour should be judged based upon anomalies and business policies. RSA is one of the vendors that truly understands this, and is delivering an advanced level of situational awareness in advanced malware detection.”
RSA NetWitness Spectrum: A revolutionary approach
RSA NetWitness Spectrum is built on the award-winning RSA NetWitness network security-monitoring platform, which is designed to enable enterprises to record and analyse all network traffic. RSA NetWitness Spectrum leverages the power of the RSA NetWitness architecture to re-use the captured data and apply four distinct techniques that an advanced analyst would use to investigate and prioritise malware-related events.
RSA NetWitness Spectrum is engineered to automatically analyse all executable content going across the network by automatically answering thousands of questions about the behaviour of files within both the full context of an organisation's network, and its relationship to security intelligence across an ecosystem of content providers. This approach permits the security operation centre to better determine: “Which files are suspect? Why might it be malicious? What is it trying to do? Where else is it on the network? Which files deserve my attention more than others?” much faster, and with more accuracy, than in the past.
RSA NetWitness Spectrum is also designed to extend the core RSA NetWitness enterprise security platform, enabling organisations to further leverage existing investments in RSA NetWitness, as well as complement RSA's other security technologies, by providing richer context around additional alerts and events. RSA NetWitness is a core component of the RSA security management portfolio that is designed to enable advanced security operations centres to identify, investigate and resolve a wide range of IT security risks.
“In today's threat environment, no form of malware prevention can guarantee adequate protection of an organisation's most valuable information assets,” said Amit Yoran, Senior Vice-President and General Manager, Security Management and Compliance, RSA, The Security Division of EMC.
“With these new innovations in RSA NetWitness Spectrum, we are providing enterprises a content-rich and agile workbench that automates many of the most complex malware analysis and prioritisation tasks. RSA NetWitness Spectrum helps close the gap between where the effectiveness of malware protection drops off, and where the true battle lines of detecting advanced networks threats begin.”
New support, partners
RSA NetWitness Spectrum 1.1 has added support for Adobe PDF, Microsoft Office documents and JAR archive to its analysis engine. As targeted attacks using PDFs as an infection vehicle grow, RSA NetWitness Spectrum is now engineered to subject all PDF, Microsoft Office documents and JAR files to the same investigative rigor as every executable - combining four distinct investigation techniques including sand boxing, community intelligence, file content and network behaviour analysis to deliver the most comprehensive risk-based results directly into the hands of security operations centres.
Additionally, RSA has added new partners to the extensive community of threat intelligence and sand boxing providers. From these partners, RSA NetWitness Spectrum draws situational awareness and offers customers the ability to select and use a wide array of intelligence and content providers. The new partners include out-of-the-box integration with industry-leading dynamic malware analysis from ThreatGRID, as well as GFI SandBox. Additionally, a host of other intelligence and white-list providers have been added to bolster Spectrum's analytical arsenal.
RSA NetWitness Spectrum 1.1 will be generally available in Q4 2011.
Share
RSA
RSA, the security division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world's leading organisations succeed by solving their most complex and sensitive security challenges. These challenges include managing organisational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.
RSA offers industry-leading solutions in identity assurance and access control, data loss prevention, encryption and key management, compliance and security information management and fraud protection. These solutions bring trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.
EMC, RSA and NetWitness are registered trademarks of EMC Corporation in the United States and other countries. All other products and/or services are trademarks of their respective owners.
This release contains forward-looking statements as defined under the Federal Securities Laws. Actual results could differ materially from those projected in the forward-looking statements as a result of certain risk factors, including, but not limited to: (i) adverse changes in general economic or market conditions; (ii) delays or reductions in information technology spending; (iii) the relative and varying rates of product price and component cost declines and the volume and mixture of product and services revenues; (iv) competitive factors, including, but not limited to, pricing pressures and new product introductions; (v) component and product quality and availability; (vi) fluctuations in VMware's operating results and risks associated with trading of VMware stock; (vii) the transition to new products, the uncertainty of customer acceptance of new product offerings and rapid technological and market change; (viii) risks associated with managing the growth of the business, including risks associated with acquisitions and investments and the challenges and costs of integration, restructuring and achieving anticipated synergies; (ix) the ability to attract and retain highly qualified employees; (x) insufficient, excess or obsolete inventory; (xi) fluctuating currency exchange rates; (xii) threats and other disruptions to the company's secure data centres or networks; (xiii) its ability to protect its proprietary technology; (xiv) war or acts of terrorism; and (xv) other one-time events and other important factors disclosed previously and from time to time in the filings of EMC Corporation, the parent company of RSA, with the U.S. Securities and Exchange Commission. EMC and RSA disclaim any obligation to update any such forward-looking statements after the date of this release.
Editorial contacts