Story highlights
* RSA Security Analytics helps customers protect digital infrastructures from the endpoint to the cloud.
* New pricing and packaging options including throughput-based pricing, subscription services and the ability for customers to leverage existing storage investments.
* New capabilities include visibility into attacks that target critical customer-facing Web and mobile applications as well as data privacy capabilities.
RSA, The Security Division of EMC (NYSE: EMC), has announced new capabilities have been added to RSA Security Analytics that are designed to help organisations extend protection of their infrastructure into the cloud.
RSA Security Analytics is engineered to give organisations the necessary context to help detect and respond to today's advanced attack campaigns before they can damage the business. This release also is built to offer visibility into attacks that target critical customer-facing Web and mobile applications, and introduces data privacy capabilities.
In addition to extending the reach into the cloud, RSA Security Analytics is now being offered with new pricing and packaging options, including throughput-based pricing that better aligns the investment to the scale of the customer deployment for better cost efficiency. In addition, customers will also be able to leverage their own storage investments.
While logs are a valuable piece of the puzzle, they're limited by what the preventative controls they monitor can detect, and alone, are not enough to identify advanced attacks. In fact, most successful attacks go undiscovered by logs alone. In addition, even when log-based security incident and event management (SIEM) systems are able to detect the faint signals of an attack, they are unable to piece them together to provide security analysts with the understanding to quickly respond to and disrupt the attack. Instead, they overwhelm analysts with alerts that lack the context needed to take action.
Security teams need to take a multifaceted and integrated approach to security in order to fully comprehend an attack, speed up response time when an incident occurs, and facilitate a return to business as usual.
RSA Security Analytics is designed to aggregate logs, along with data from network packets, endpoints, and now the cloud, and contextually analyse the data to help allow organisations to quickly and fully understand what was targeted, the attacker's strategy and actions within the organisation, and the magnitude of the attack, such that they can respond before a breach of confidential information can occur.
This release also is engineered to introduce the ability for customers also leveraging RSA Web Threat Detection to correlate enterprise attacks with Web and mobile application exploitation, which is designed to help organisations defend against both security attacks and fraudulent user activity that targets their critical customer-facing Web and mobile applications. The addition of cloud and application insight reiterates RSA's commitment to offering the broadest visibility in the industry to help detect and respond to advanced cyber attacks.
Additionally, RSA Security Analytics is now more accessible to customers and channel partners through the addition of flexible pricing and packaging options. Organisations can now choose from deployment models that include throughput-based pricing, subscription options and use case-based packages. With this release, customers can also leverage their own storage with RSA Security Analytics. Throughput-based pricing lets customers tailor their purchase to fit their exact needs and, by leveraging existing storage, could potentially lower the total cost of ownership to deploy. Customers and partners also have the option to shift to an operational expense model by leveraging subscription-based pricing.
Finally, RSA Security Analytics is now engineered to include new data privacy capabilities. This feature is designed to offer the ability to share valuable insight to security analysts without exposing them to their organisation's or employees' most sensitive data, like PII. The ability to redact specific information will allow users to focus on safeguarding their organisation without violating data privacy guidelines. These new capabilities for RSA Security Analytics are all available this quarter.
Executive quotes:
Julie Ferreira, Senior Account Executive, RSA, Southern Africa
"As the threat landscape grows in complexity and more advanced attacks emerge, organisations can no longer rely solely on a log-centric approach to security. RSA Security Analytics is what SIEM was meant to be by giving enterprises the ability to detect attacks missed by other tools and respond before attackers can do damage. By integrating a wide range of inputs from packets, to logs, to endpoints, RSA Security Analytics exposes attacks that would otherwise go unnoticed."
Jon Oltsik, Principal Analyst, Enterprise Strategy Group
"It is clear that protection technologies alone are inadequate for blocking today's advanced attacks. This is where the security industry needs to move beyond legacy approaches so that they can gain the needed visibility into suspicious behaviour and the latest threats. Traditional log-centric SIEM is no longer enough; information security analytics must collect and analyse the right data for more rapid cyber attack detection before these attacks can inflict damage and loss on an organisation."
Additional resources:
* Download The Evolution of SIEM e-book for additional insight on why it is critical to move beyond logs to defend against attacks.
* Connect with RSA via Twitter, Facebook, YouTube, LinkedIn and the RSA Speaking of Security Blog and Podcast.
Share