The Bit9 Security Incident and RSA Spectrum

Blog Post created by NWPMM Employee on Feb 13, 2013


Recently Bit9 announced that its internal systems had been compromised and, as a result, malware had been signed using Bit9’s own digital code-signing certificates: https://blog.bit9.com/2013/02/08/bit9-and-our-customers-security/


Does this affect RSA NetWitness Spectrum?

Bit9 has given RSA assurance that we are not one of the customers affected by the security incident. They have also stated that the specific product RSA uses from Bit9 (GSR or Global Software Registry) was not affected by this compromise, directly or indirectly.  More specifically, RSA NetWitness Spectrum’s only interaction with Bit9 is to post MD5 hashes of the files we are analyzing and to parse the result to determine the file’s threat level. 


In summary, there is no remediation required on behalf of a RSA NetWitness Spectrum customer given the recent Bit9 security incident.