Skip navigation
All Places > Products

RSA NetWitness Platform

Log in to follow, share, and participate in this community.

Recent Activity

Maximiliano Cittadini
Community:  I'm facing an issue trying to add two different WLCs to two different Log Collectors with Netwitness 10.6.6. In both cases when I configure the destination of the collection the GUI throws me the following error:   failed to add destination for "Windows": "HttpOps: GET: SSL connection error: A request to send or recieve data was… (Show more)
in RSA NetWitness Platform
Abhishek Samdole
Hi Team,   We need to format ESA hard disk.Can you Please tell me which type of cable(Hard disk to USB) it required to do this activity?
in RSA NetWitness Platform
Rui Ataide
Click to view contentCustomers frequently ask me about malware that uses domain fronting and how to detect it. Simply put, domain fronting is when malware or an application pretends to be going to one domain but instead is going somewhere completely different. (Mitre ATT&CK - T1172)   The goal of domain fronting is to have the analysts believe that the connection is… (Show more)
in RSA NetWitness Platform
Denise Sposato
(Authored by Steve Schlarman, Portfolio Strategist, RSA) It was Mark’s big shot.  He finally had a meeting with Sharon, the CIO.  Her schedule was so busy it was legendary and for her to spend time with a risk analyst was a clear indicator she recognized the new challenges facing their company.  Although he only had 15 minutes, Mark was prepared -… (Show more)
in RSA NetWitness Platform
Lee Kirkpatrick
Click to view contentIntroduction Cobalt Strike is a threat emulation tool used by red teams and advanced persistent threats for gaining and maintaining a foothold on networks. This blog post will cover the detection of Cobalt Strike based off a piece of malware identified from Virus Total:   NOTE: The malware sample was downloaded and executed in a malware VM under… (Show more)
in RSA NetWitness Platform
Eric Partington
Click to view contentInteresting blog post from ISC SANS Handlers blog about http error code 522 (Connection timed out)   Which got me thinking, could RSA NetWitness help detect this potential indicator ?   If you have Packets the http_lua registers the error codes in the error metakey If you… (Show more)
in RSA NetWitness Platform
Xuanang Li
Hi,   i want to apply STIG to my Netwitness 11.3. And i found that there is no guide line.
in RSA NetWitness Platform
Rachid Griech
How can we reset a Powervault DAC  Raid to it's initial configuration (all the disk Unconfigured). when we are switching the DAC from an Appliance to Another?
in RSA NetWitness Platform
Twinkle Lath
- The password for deploy_admin user should be same across all appliances. - This user is used to connect rabbitmq, few mongo db tables(more or like guest user in 10.x version)   - If you change the deploy_admin user password in the NetWitness Suite User Interface (ADMIN>Security >Select deploy-admin - Reset password) Then, follow below: 1. SSH to… (Show more)
in RSA NetWitness Platform
Load more items