
Great report entitled “Detecting APT Using Anomalous Windows Remote Management Methods and Dynamic RPC Endpoint Mapping”, produced by RSA's Incident Response Team. The paper discusses techniques attackers use to work in plain sight by exploiting common management functions. The report also does a great job of discussing techniques to help detect these tactics. Also attached is a digital appendix that includes a parser for RSA Security Analytics.

Season’s Greetings!

It’s December and we’re bringing another year of content delivery to a close. This year we’ve worked closely with you to develop processes to provide a more streamlined content production pipeline, as well as provide a more consistent method of communicating content availability. The net result is that the team produced more content in 2014 than ever before!

So how productive were we? I’m glad you asked! The team produced 574 new pieces of content this year. Let’s take a look at the breakdown:

Content Type: Count
Log Parsers and Collectors: 294
Net New Report Engine (RE) Rules: 102
Net New Event Stream Analysis (ESA) Rules: 74
Net New Reports: 43
Net New Application Rules: 23
Net New Basic Correlation Rules: 14
Net New LUA Parsers: 12
Net New Report Engine (RE) Lists: 7
Net New Feeds: 3
Net New Advanced Analytics / Data Science Models: 1
Net New Flex Parser: 1


Of particular note is that we’ve produced some significant content “firsts” with regard to the type of content we are providing. I’m referring to our NetFlow, ECAT, and Advanced Analytics / Data Science content. These will lay the foundation for even more advanced content offerings in 2015 with Security Analytics 10.5 and beyond. While not as glamorous or exciting, we’ve also done quite a bit of content housekeeping, with over 50 feeds retired and countless log parsers updated. All in all, not a bad year. Next year will be even better.
   

Our content release notification for December can be found here.

 

The RSA Content Team wishes you and yours a happy holiday season and an excellent New Year.  See you in 2015!

Regards,

 

The ASOC Content Team
