The RSA Content Team is pleased to announce the addition of new and updated content to the RSA Live Content Library!
Let’s take a look at what we have released to RSA Live during the month of June and July:
- 1 New Event Steaming Analysis (ESA) rules
- This addition to our ESA rule library will help analysts detect potential APT service installation
- 7 Updates to Event Streaming (ESA) rules
- This will limit noise in customer ESA environments and ensure the most targeted intelligence in our rule library
- 3 New Application rules
- These additions to our Application rule set allows analysts to detect potential ShadowIT within their environment. We also released a rule to detect rogue DHCP servers
- 1 Update to RSA Security Analytics List
- This made changes to our User Watchlist by IP list
- 11 New RSA Security Analytics Rules
- These rules are focused on ShadowIT detection and Security Analytics Administration reports
- 2 New RSA Security Analytics Reports
- These reports are focused on ShadowIT detection and Security Analytics Administration reports
- 3 New Log parsers
- RSA Via Access
- Evidian
- IBM Mainframe (Top Secret)
- 60 Updates to Log parsers
- Improves parsing accuracy and supports newer versions of event sources
For a full breakdown of new/updated content released to RSA Live, go here:
Also, you can view our holistic content library and content request portals here:
The next few months will be busy on the content front! We have realigned our team to be much more agile with content releases, so turn around on content defects will increase tremendously. We also are in the final stages of releasing a meta dictionary output which will allow you to see what parser generates what meta. Last but not least, we are working on categorizing content in Live to give you the ability to pinpoint the content that is most important for your enterprise!
We look forward to sharing some great updates with you next month!
Regards,
The ASOC Content Team