It's Here: The Launch of RSA Security Analytics 10.4 & ECAT 4.0

Blog Post created by NWPMM Employee on Sep 9, 2014

Here at RSA we are excited and pleased to announce the highly anticipated, external joint launch of RSA Security Analytics 10.4 & ECAT 4.0.  No other tool on the market today gives you the capability and power to "Be The Hunter". 

With this latest release of Security Analytics and ECAT, three words define our mission: Visibility. Analysis. Action. We are providing SOC teams broader visibility, enabling them to focus on the most important incidents. We’re also enabling rapid analysis and faster investigations of incidents by leveraging data from Network Packets, Endpoints, Logs and Netflow, all in one platform. That way, analysts can understand the true nature, scope, and impact of an incident and take targeted action.

RSA Security Analytics 10.4 Overview:

  • Expanded Collection Options
    • Netflow support
    • CEF support
    • Support for 250+ Log Sources
  • Enhanced Network Investigations
    • Accelerated UI performance
    • Streamlined analyst workflow and more!
  • Tighter Integrations with RSA ECAT
    • Providing extended visibility down to the endpoint
    • Correlate network data, logs, and endpoint data
    • Pivot from Security Analytics Investigation directly into ECAT for deeper endpoint investigations
  • SIEM and Beyond Analytics
    • Centralized rule management
    • Alert Enrichment Options & Enhanced Alerting Capabilities
    • Data Science Driven Advanced Analytics leveraging the Pivotal HD Data Warehouse
  • Native Incident Triage/Management
    • Single console for managing queues and investigating issues
    • Centralized view into incidents across SA enabling analysts to rapidly identify, triage, investigate and respond to security events
    • Combined view of alerts from logs, packets, malware, ECAT
    • Integration with SecOps and ticketing systems
  • Platform Enhancements


RSA ECAT 4.0 Overview:

  • Scalability & Manageability Improvements
    • 50K hosts per server (2.5x increase)
    • Unified view in Console UI
  • Completely Redesigned UI
  • Enhanced Detection Capabilities & Real-time Alerting
    • Alert on suspicious behavior in real-time
    • Early warning of potentially malicious activity
    • Send to Security Analytics or other SIEM solutions
  • Mac OS X Support
  • RSA Live Support
  • Tighter Integrations with RSA Security Analytics
    • More ECAT metadata fed into Incident Management and SA Investigation


Check out the Virtual Event here: RSA Security Analytics 10.4 and RSA ECAT 4.0 Virtual Launch Event.  Tell us what you think!