New RSA Solution Ties Security to Big Data Analytics
EMC’s (NYSE: EMC) RSA security division has offered up a new platform linking security technology with Big Data analytics in a solution it believes organizations will deploy to detect and investigate threats missed by traditional, signature-based security tools.
The trend line in security products is starting to tilt toward incorporating Big Data analytics, and it’s just a matter of time until big opportunities for channel partners open up. RSA Security Analytics, built on the company’s NetWitness network monitoring technology, integrates Security Information and Event Management (SIEM), network forensics and Big Data analytics under one umbrella in what RSA believes will fast become the cornerstone of next-generation security operations centers.
In particular, the platform is engineered to exceed the capabilities of current security technologies, including SIEM tools that lack sufficient visibility into today’s security threats and can’t scale to meet analytics needs, according to RSA.
“RSA Security Analytics is engineered to reinvent security monitoring and threat detection,” said Amit Yoran, RSA senior vice president. “By combining high fidelity forensic visibility with big security data collection and management, and a complete revolution in advanced analytics, RSA is helping organizations take their security programs and advanced security operations centers to a new level.”
The platform is designed to uncover risks as they occur, lowering the time required for investigations from days to minutes, according to RSA. Integrating Big Data platforms and analytic methods into security tools takes security to another level, the company said, because high-risk threats are more readily identified and mitigated.
RSA Security Analytics platform key elements include:
- Quick capture and analysis: Full network packets, logs, and threat intelligence are captured and quickly analyzed to detect threats sooner.
- Analytics: Enables large-scale data collection and new analysis methods over traditional SIEM-based approaches.
- Integrated threat intelligence: Accelerates detection and investigations of potential attack tools and techniques targeting the enterprise.
- Context for threats: By fusing data produced by other products, analysts can use business context to prioritize and allocate resources to the threats which pose the greatest risk.
- Malware identification: Identifies a wider range of malware-based attacks.
- Automates compliance reporting: Enables compliance as an outcome of good security practices.