RSA Security Analytics Now Extends Visibility from the Endpoint to the Cloud

RSA Security Analytics Now Extends Visibility from the Endpoint to the Cloud

RSA, The Security Division of EMC (NYSE: EMC), today announced new capabilities have been added to RSA() Security Analytics that are designed to help organizations extend protection of their infrastructure into the cloud.  RSA Security Analytics is engineered to give organizations the necessary context to help detect and respond to today's advanced attack campaigns before they can damage the business. This release also is built to offer visibility into attacks that target critical customer-facing web and mobile applications, and introduces data privacy capabilities.  In addition to extending the reach into the cloud, RSA Security Analytics is now being offered with new pricing and packaging options including throughput-based pricing that better aligns the investment to the scale of the customer deployment for better cost efficiency. In addition, customers will also be able to leverage their own storage investments.

While logs are a valuable piece of the puzzle, they're limited by what the preventative controls they monitor can detect, and alone are not enough to identify advanced attacks. In fact, most successful attacks go undiscovered by logs alone. In addition, even when log-based Security Incident and Event Management (SIEM) systems are able to detect the faint signals of an attack, they are unable to piece them together to provide security analysts with the understanding to quickly respond to and disrupt the attack.  Instead they overwhelm analysts with alerts that lack the context needed to take action.

Security teams need to take a multifaceted and integrated approach to security in order to fully comprehend an attack, speed up response time when an incident occurs, and facilitate a return to business as usual. RSA Security Analytics is designed to aggregate logs, along with data from network packets, endpoints, and now the cloud, and contextually analyzes the data to help allow organizations to quickly and fully understand what was targeted, the attacker's strategy and actions within the organization, and the magnitude of the attack such that they can respond before a breach of confidential information can occur.  This release also is engineered to introduce the ability for customers also leveraging RSA(®) Web Threat Detection to correlate enterprise attacks with web and mobile application exploitation, which is designed to help organizations defend against both security attacks and fraudulent user activity that targets their critical customer-facing web and mobile applications.  The addition of cloud and application insight reiterates RSA's commitment to offering the broadest visibility in the industry to help detect and respond to advanced cyber attacks.

Additionally, RSA Security Analytics is now more accessible to customers and channel partners through the addition of flexible pricing and packaging options. Organizations can now choose from deployment models that include throughput based pricing, subscription options and use case based packages.  With this release customers can also leverage their own storage with RSA Security Analytics. Throughput based pricing lets customers tailor their purchase to fit their exact needs and, by leveraging existing storage, could potentially lower the total cost of ownership to deploy. Customers and partners also have the option to shift to an operational expense model by leveraging subscription based pricing.

Finally, RSA Security Analytics is now engineered to include new data privacy capabilities. This feature is designed to offer the ability to share valuable insight to security analysts without exposing them to their organization's or employees' most sensitive data, like PII. The ability to redact specific information will allow users to focus on safeguarding their organization without violating data privacy guidelines. These new capabilities for RSA Security Analytics are all available this quarter.

Executive Quotes:

Grant Geyer, Senior Vice President, Products, RSA

"As the threat landscape grows in complexity and more advanced attacks emerge, organizations can no longer rely solely on a log-centric approach to security. RSA Security Analytics is what SIEM was meant to be by giving enterprises the ability to detect attacks missed by other tools and respond before attackers can do damage. By integrating a wide range of inputs from packets, to logs, to endpoints, RSA Security Analytics exposes attacks that would otherwise go unnoticed."

Jon Oltsik, Principal Analyst, Enterprise Strategy Group

"It is clear that protection technologies alone are inadequate for blocking today's advanced attacks.  This is where the security industry needs to move beyond legacy approaches so that they can gain the needed visibility into suspicious behavior and the latest threats. Traditional log-centric SIEM is no longer enough; information security analytics must collect and analyze the right data for more rapid cyber-attack detection before these attacks can inflict damage and loss on an organization."


    --  Download  The Evolution of SIEM  e-book for additional insight on why it
        is critical to move beyond logs to defend against attacks
    --  Connect with RSA via Twitter, Facebook, YouTube, LinkedIn and the RSA
        Speaking of Security Blog and Podcast
About RSA

RSA's Intelligence Driven Security solutions help organizations reduce the risks of operating in a digital world.  Through visibility, analysis, and action, RSA solutions give customers the ability to detect, investigate and respond to advanced threats; confirm and manage identities; and ultimately, help prevent IP theft, fraud and cybercrime.  For more information on RSA, please visit

RSA and EMC are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries. All other company and product names may be trademarks of their respective owners.

This release contains "forward-looking statements" as defined under the Federal Securities Laws.  Actual results could differ materially from those projected in the forward-looking statements as a result of certain risk factors, including but not limited to: (i) adverse changes in general economic or market conditions; (ii) delays or reductions in information technology spending; (iii) the relative and varying rates of product price and component cost declines and the volume and mixture of product and services revenues; (iv) competitive factors, including but not limited to pricing pressures and new product introductions; (v) component and product quality and availability; (vi) fluctuations in VMware, Inc.'s operating results and risks associated with trading of VMware stock; (vii) the transition to new products, the uncertainty of customer acceptance of new product offerings and rapid technological and market change; (viii) risks associated with managing the growth of our business, including risks associated with acquisitions and investments and the challenges and costs of integration, restructuring and achieving anticipated synergies; (ix) the ability to attract and retain highly qualified employees; (x) insufficient, excess or obsolete inventory; (xi) fluctuating currency exchange rates; (xii) threats and other disruptions to our secure data centers or networks; (xiii) our ability to protect our proprietary technology; (xiv) war or acts of terrorism; and (xv) other one-time events and other important factors disclosed previously and from time to time in the filings of EMC Corporation, the parent company of RSA, with the U.S. Securities and Exchange Commission.  EMC and RSA disclaim any obligation to update any such forward-looking statements after the date of this release.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.