RSA has announced new capabilities have been added to RSA Security Analytics that are designed to help organisations extend protection of their infrastructure into the cloud.RSA Security Analytics is engineered to give organisations the necessary context to help detect and respond to today’s advanced attack campaigns before they can damage the business. This release also is built to offer visibility into attacks that target critical customer-facing Web and mobile applications, and introduces data privacy capabilities.
In addition to extending the reach into the cloud, RSA Security Analytics is now being offered with new pricing and packaging options including throughput-based pricing that better aligns the investment to the scale of the customer deployment for better cost efficiency. In addition, customers will also be able to leverage their own storage investments.
While logs are a valuable piece of the puzzle, they’re limited by what the preventative controls they monitor can detect, and alone are not enough to identify advanced attacks. In fact, most successful attacks go undiscovered by logs alone.
In addition, even when log-based Security Incident and Event Management (SIEM) systems are able to detect the faint signals of an attack, they are unable to piece them together to provide security analysts with the understanding to quickly respond to and disrupt the attack. Instead they overwhelm analysts with alerts that lack the context needed to take action.
Security teams need to take a multifaceted and integrated approach to security in order to fully comprehend an attack, speed up response time when an incident occurs, and facilitate a return to business as usual.
RSA Security Analytics is designed to aggregate logs, along with data from network packets, endpoints, and now the cloud, and contextually analyzes the data to help allow organisations to quickly and fully understand what was targeted, the attacker’s strategy and actions within the organisation, and the magnitude of the attack such that they can respond before a breach of confidential information can occur.
This release also is engineered to introduce the ability for customers also leveraging RSA® Web Threat Detection to correlate enterprise attacks with web and mobile application exploitation, which is designed to help organisations defend against both security attacks and fraudulent user activity that targets their critical customer-facing web and mobile applications.
The addition of cloud and application insight reiterates RSA’s commitment to offering the broadest visibility in the industry to help detect and respond to advanced cyber attacks.
Additionally, RSA Security Analytics is now more accessible to customers and channel partners through the addition of flexible pricing and packaging options. Organizations can now choose from deployment models that include throughput based pricing, subscription options and use case based packages.
With this release customers can also leverage their own storage with RSA Security Analytics. Throughput based pricing lets customers tailor their purchase to fit their exact needs and, by leveraging existing storage, could potentially lower the total cost of ownership to deploy. Customers and partners also have the option to shift to an operational expense model by leveraging subscription based pricing.
Finally, RSA Security Analytics is now engineered to include new data privacy capabilities. This feature is designed to offer the ability to share valuable insight to security analysts without exposing them to their organization’s or employees’ most sensitive data, like PII.
The ability to redact specific information will allow users to focus on safeguarding their organisation without violating data privacy guidelines. These new capabilities for RSA Security Analytics are all available this quarter.
“As the threat landscape grows in complexity and more advanced attacks emerge, organisations can no longer rely solely on a log-centric approach to security,” says Julie Ferreira, senior account executive, RSA, Southern Africa.
“RSA Security Analytics is what SIEM was meant to be by giving enterprises the ability to detect attacks missed by other tools and respond before attackers can do damage. By integrating a wide range of inputs from packets, to logs, to endpoints, RSA Security Analytics exposes attacks that would otherwise go unnoticed. ”