Today’s security threats are dynamic, multi-faceted and highly complex initiatives, often drawn out over long periods of time, and current security tools are simply not designed to identify and investigate these types of advanced threats.

To defend against these challenges, security analysts and IT professionals require a comprehensive and interactive view into their entire infrastructure.

NetWitness for Logs delivers innovation in security analytics through the fusion of hundreds of log data sources with external threat intelligence. Combined with NetWitness network traffic capture, enterprises now have the broadest and most robust high-speed visibility into the critical information needed to help detect today’s targeted, dynamic and stealthy attack techniques. NetWitness for Logs may be deployed in three ways:

  • As an extension to NetWitness installations to combine the diverse information contained in log files with the deep content of full traffic capture
  • Alongside enVision for fast security analytics across the volumes of log data collected by enVision
  • As a standalone log analytics module, with or without other third-party SIEM tools

NetWitness for Logs leverages a number of innovations to make log data an active part of security operations, including:

  • Interactive data-driven analysis of over 150 different enterprise log formats leveraging RSA enVision content definitions
  • Scalability and speed from the RSA NetWitness platform enable fast, actionable log analytics
  • Mature threat intelligence fused into log data for better context of threats
  • Award-winning, patented drill-down analysis that works over network sessions and log data
  • Data presented the way expert security analysts investigate advanced threats
  • High-speed connector from enVision for side-by-side deployments
