NetWitness® Logs

RSA NetWitness Logs

< What it does >

Gain visibility, simplify threat detection and reduce dwell time

Gain visibility, simplify threat detection and reduce dwell time

NetWitness Logs provides instant visibility into log data spread across your entire IT environment—simplifying threat detection, reducing dwell time and supporting compliance. It enables centralized log management, log monitoring for logs generated by public clouds and SaaS applications, and identification of suspicious activity that evades signature-based security tools.

Get the details: Read the data sheet

Alleviates analysts’ alert fatigue

Alleviates analysts’ alert fatigue

NetWitness Logs enriches log data with threat intelligence and contextual information to identify high-priority threats and reduce false positives.

Speeds threat detection and investigation

Speeds threat detection and investigation

With extensive visibility and enriched log data, NetWitness Logs dramatically accelerates alerting and analysis to speed detection and investigation.

Centrally manages and monitors logs

Centrally manages and monitors logs

NetWitness Logs provides a platform for centralized log monitoring and management regardless of source and IT complexity.

Simplifies Windows log monitoring

Simplifies Windows log monitoring

Microsoft Windows log forwarding and filtering capabilities simplify the Windows log monitoring, reducing the cost of investigating threats.

< How it works >

Log monitoring for security and compliance

  • Patented parsing and indexing technology

    Using unique, patented technology, NetWitness Logs dynamically parses and enriches log data at capture time, creating metadata that dramatically accelerates alerting and analysis.

  • Comprehensive log monitoring and management

    NetWitness Logs ingests logs from more than 350 event sources. It provides log monitoring for public clouds such as AWS and Azure, as well as SaaS applications including Office 365 and Salesforce.com. Plus, it interprets relevant security information from a wide range of protocols including Syslog, ODBC, SFTP, SCP, FTPS and more.

  • Simplified compliance support

    To simplify compliance demonstration, NetWitness Logs includes use cases and prebuilt templates for compliance with a range of regulations, including Sarbanes-Oxley, PCI DSS, HIPAA, NERC and many others.

  • Flexible reporting

    NetWitness Logs provides the flexibility to customize views and formatting for reports. Predefined reports comprise one or more rules that you can also leverage within other custom-built reports.

TBD

Visibility across the ever-expanding digital landscape

The ability to centrally monitor logs no matter their source and to deploy collection components on-premises, virtually, across hybrid architectures or completely within public clouds makes NetWitness Logs the right match for the ever-expanding digital landscape. Pervasive log visibility facilitates administration and analysis of data across distributed and virtual environments for rapid detection and response.

I'm glad to have such a strong partner in protecting our environment against cyber attacks.

Anson Fong
Chief Information Security Officer

Los Angeles World Airports
TBD

< Resources >

RSA NetWitness Logs

Gain visibility, simplify threat detection and reduce dwell time
NetWitness Logs