The security market in general and the SIEM market in particular have changed. We can’t go back. The ever expanding IT surface area and attacker sophistication have seen to that. Organizations are increasingly recognizing that traditional preventive security controls, especially those that are perimeter and signature-based, are no longer sufficient. Logically this has led organizations to more closely examine their detective security controls to mitigate the weaknesses with their preventive ones.
Which brings us back to SIEMs in general and RSA enVision in particular. SIEMs which exclusively depend on logs/events and correlative analysis for visibility and intelligence have a limited security role to play in detecting and investigating today’s most sophisticated attacks. RSA recognized this trend many years ago and has been investing accordingly ever since. One of our most key product innovations in response to this was the release of RSA Security Analytics a little more than a year ago. If you haven’t seen or read about RSA Security Analytics please start to familiarize yourself. There is no product on the market which compares with the level of visibility and context that it provides to accelerate the detective and investigative work of security analysts or incident responders.
We have been investing heavily in Security Analytics for several years and believe we have a fantastic product, and encourage customers to migrate from enVision to Security Analytics to get:
• A single platform for log & network security monitoring
• Superior real-time & after-the-fact analysis
• Contextual business and IT data, incident response, & endpoint visibility
• Operationalized threat intelligence
• A security platform where compliance is an outcome of security, not the other way around
RSA has extensive support, services, product, and sales resources to help you in this transition. We thus encourage you to reach out to your RSA Sales or Channel Partner team immediately to have them help you move your SIEM program forward. We would be happy to take any questions you have as well. Just “comment” on this blog or open up a new “discussion” in this community.
To learn more about Security Analytics, please check out the product web site:
To learn about the transition from envision to Security Analytics please check out this video on youtube that was delivered as part of our most recent RSA Summit:
To see the most current RSA enVision primary support dates check out this page: