Skip navigation
Log in to follow, share, and participate in this community.

Recent Activity

RSA Information Design and Development
  To support trusted connections each core service has two ports, an unencrypted non-SSL port and an encrypted SSL port. Trusted connections require the encrypted SSL port.  PrerequisiteTo establish a trusted connection, each Security Analytics Core service must be upgraded to 10.4 or later. Trusted connections are not backwards compatible with…
RSA Information Design and Development
Click to view content  By default Security Analytics server uses a web server certificate generated by Security Analytics for HTTPS connection. Security Analytics also allows you to configure custom web server certificate to be used as Security Analytics server certificate. You can configure custom web server certificate even if PKI is not enabled. Supported…
RSA Information Design and Development
View PDF     How Investigation WorksMalware Analysis Functions Malware Scoring Modules Roles and Permissions for Analysts  Configure Investigation Views and PreferencesConfigure Malware Summary of Events View Configure Navigate View and Events View  Conduct an InvestigationBegin an Investigation  Filter Information in the Navigate ViewManage…
RSA Information Design and Development
   This topic identifies the user roles and permissions required for a user to conduct malware analysis in Security Analytics. If you cannot perform an analysis task or see a view, the administrator may need to adjust the roles and permissions configured for you. Required Roles and Permissions RSA Security Analytics manages security by providing…
RSA Information Design and Development
Click to view content   This topic provides instructions for an analyst to create and manage custom column groups for displaying data in the Navigation > Events view. When viewing a list of events in Security Analytics Investigation > Events view, you can customize the way data is displayed by defining the meta to display in a column, the position of the column in…
RSA Information Design and Development
Click to view content   In the Add Events to an Incident dialog, analysts can add alerts to an existing incident so that incident responders look at the associated events as part of an incident response. Related procedures are available in Manage Context Hub Lists and List Values in Investigation. To access this dialog, while investigating a service in the…
RSA Information Design and Development
Click to view content   When analysts are viewing an event reconstruction in Security Analytics Investigation, the Actions menu has an option to extract files from the event being viewed and export them to an archive. Note: You can only export session files that you have permission to view or access. The file export function queries the service for all sessions…
RSA Information Design and Development
   Analysts can use the RSA Security Analytics Malware Analysis service to detect malware. Once you initiate a Malware Analysis investigation, there is no specific order in which to conduct the investigation. Instead, Security Analytics offers various methods of displaying the data, filtering the data, querying the data, acting on a drill point,…
Load more items