Skip navigation
All Places > Products

RSA NetWitness Platform

Log in to follow, share, and participate in this community.

Recent Activity

Jinson Abraham
Need to know some model and details of RSA Packet Concentrator S6 
in RSA NetWitness Platform
Aleksey Martyanov
Good day!   We have an issue with the RSA Decoder/ By the monitoring system, we recieve that the service status is green and ready, but the health status says Capture stopped with the red sign, how we can identify what's the problem here and restore the normal job?   The services had been restarted several times.
in RSA NetWitness Platform
Marco Faggian
Click to view contentWhen performing network forensics, all protocols should be analysed, however, some tend to be more commonly abused than others; one of these being DNS. While not as flexible as say HTTP, it does flow through, and outside of networks a lot easier due to its configuration. This means that DNS can be utilised to encapsulate data that would be routed… (Show more)
in RSA NetWitness Platform
Lee Kirkpatrick
Click to view contentI have recently been posting a number of blogs regarding the usage of the RSA NeWitness Platform to detect attackers within your environment. As the list of the blogs grow, it is becoming increasingly difficult to navigate through them easily. In order to combat this, this blog post will contain references to all other blog posts in the Profiling… (Show more)
in RSA NetWitness Platform
Xue YQ
My rules is to check for hits from the list, which the list might contains quite a huge data.  For example the rule is: ip.dst = $[list] List:,,......, etc. When I drill in to particular hits, the query should be: (ip.dst =,, ....... +2000 character). But it end up to be: (ip.dst =,, .......,… (Show more)
in RSA NetWitness Platform
Denise Sposato
Check out the RSA Conference 2020 - you won't want to miss this event;   EVENT INFORMATION   REGISTRATION   -- Register by Jan. 24 and SAVE $900. 
Maximiliano Cittadini
I have a customer who bought Netwitness for Log as solution. In the last days, we were with them and they ask us about the integration of a very hardenred windows envieroment. I told them to let me think about it for a few days. There's no problem to make outbound connections from those Windows Hosts to Netwitness, so I think NW Endpoint Insght… (Show more)
in RSA NetWitness Platform
Tamas Szilagyi
Hi, I have a case when I want to create an alert for a specific event only if another event did not preceded that specific event. To give more context: if an email gateway 'reputation' event happened for an IP, the firewall alert rule for that same IP should not trigger. Or, looking from the other way around, the firewall rule should only trigger… (Show more)
in RSA NetWitness Platform
Denise Sposato
RSA Charge 2020, October 5-8, the largest gathering of security and risk professionals, is now open for Early Bird registration by visiting the RSA Charge 2020 website. The website should be your 'go-to' for all RSA Charge 2020 updates through the next several months.   The feedback we received from attendees at the 2019 Charge event were amazing… (Show more)
Thomas Jones
Updated for snmpv3: 01/14/2020 Scenario – You or your customer would like to link SNMP to the Netwitness for system monitoring purposes (Solarwinds, Nagios, etc.).   Why SNMP? SNMP is an “agentless” method of monitoring network devices and servers, which can be viable alternative to the problems, hassle, and maintenance associated with agents.…
in RSA NetWitness Platform
Load more items