Skip navigation
All Places > Products > RSA NetWitness Platform > Blog > Author: Tracey Shell

RSA NetWitness Platform

2 Posts authored by: Tracey Shell Employee

by Mike Adler, VP Product RSA NETWITNESS


Empowering intelligent SOCs by providing them with the visibility, insights and actions they need—as quickly as possible—is key to a company’s ability to manage digital risk. However, as the number of users, endpoints, and networks accessing company data grows, so does the risk of cyberattacks to a company’s critical assets.


This can often leave SOC analysts overwhelmed with data and alerts, increasing the potential dwell time of a threat, leaving less time to find the threats that matter.  Ironically (and unfortunately), in its attempt to improve enterprise security by deploying more solutions, security professionals create silos of disconnected security information which can open the organization up to more vulnerabilities as these silos add complexity and deliver a very poor user experience for analysts.


This is why, I am pleased to announce RSA is adding Fortscale’s pioneering UEBA technologies to the RSA NetWitness® Platform.  Adding these capabilities natively to the Platform will enable our customers with an integrated approach that simplifies SOC management and security by correlating data to accurately detect and respond to advanced threats using analytics. RSA NetWitness UEBA seamlessly integrates with the Platform’s meta-data model, allowing intelligent processing of data in a single platform with a reduced storage footprint.  By building on the existing data store and analytical capabilities of the Platform, Fortscale’s technology enables RSA NetWitness customers to see anomalies in user behavior alongside other security alerts in the RSA NetWitness respond module.


The Fortscale UEBA engine identifies deviations from normal user behaviors and uncovers risky and previously hard-to-detect threats. By understanding behavior, Fortscale highlights potential risks such as shared user credentials, privileged user account abuse, geolocation and remote access anomalies. This allows organizations to find unknown threats hiding among the huge volume of security data found in today’s complex IT environments without heavy installation, maintenance or analyst oversight. The Fortscale UEBA engine is designed to:

  • Provide fully automatic, unsupervised machine learning;
  • Reduce the need for organizations to have big data experts on their analyst team;
  • Detect unknown threats (compromised credentials, insider threats, data exfiltration);
  • Address malicious behavior in which exploits have received elevated permissions;
  • Be dynamic, automatically learning behavior specific to the environment; and,
  • Require no customization, rule authoring or ongoing care, tuning, rule creation/adjustment.


The Fortscale UEBA engine strengthens the RSA NetWitness Platform evolved SIEM allowing our customers to have more capability at their fingertips without stitching together multiple security platforms or tools.  We expect customers will quickly come to value the additional alerts and information detected by the Fortscale UEBA engine and extend their adoption of the RSA NetWitness Platform as the centerpiece of an intelligent SOC.  I am excited to welcome the Fortscale team to RSA and look forward to sharing more details about the integration in the future. 

Summer is nearing an end, the kids are heading back to school, and RSA Charge 2017 is less than two months away, October 17-19.


We invite you to peruse the full schedule for this year’s event on the RSA Charge website with more than 35 hands-on labs, 90 sessions and 140 thought leaders and industry experts who are ready to share with you the key insights needed to take your security strategy to the next level.


Here are a few of the great sessions you can attend:

  • Rolling-out a Company Wide Risk & Control Framework Supported by RSA Archer
  • Third Party Governance: Perspectives from a Panel of Pros
  • The RSA Archer Admin Dashboard (Yes, it's really here!)
  • From Discovery to Remediation in 9 Days: Defend against Determined and Well-Resourced Adversaries
  • Maximizing Your Investment in RSA Identity Governance and Lifecycle
  • Deep Entity Profiling & Machine Automation – How to Use These Powerful Technologies to Mitigate Fraud While Reducing Costs and End-User Friction

 See the full schedule here.


And, if this isn’t enough to convince you to register today for RSA Charge, over the next six weeks, every Tuesday on the RSA Link Community, you’ll also see blogs from the RSA Charge team detailing presentation highlights from each of the product tracks being offered this year at Charge, including:


  • Taking Command of Your Risk Management Journey
  • Transforming Compliance
  • Managing Technology Risk in Your Business
  • Inspiring Everyone to Own Risk
  • Detecting and Responding to Threats That Matter
  • Secrets of the SOC
  • Identity and Access Assurance
  • Reducing Fraud, While Not Reducing Customers
  • RSA Archer Technical
  • RSA Archer Technical, Advanced


This year’s RSA Charge event is definitely one not to miss. If you have not registered as yet, please do so today to secure your spot and take advantage of the Discount Rate of $745, saving $200 through Sept. 15.

Additionally, if you also register for one of the Pre-Charge training courses offered by RSA University, you can save even more – the expired Early Bird Discount Rate of $645 will be extended to you up until the official start of RSA Charge on October 17. Click here to see the full course offering and for registration details. Classes are filling up quickly, so don’t delay.


RSA Charge 2017 will provide you the ultimate opportunity to network with RSA customers from across the product portfolio, partners, and industry experts while discovering how to implement a Business-Driven Security™ strategy in an increasingly uncertain, high-risk world.


See you in Dallas, October 17-19 at the Hilton Anatole Hotel for RSA Charge 2017! 


RSA Charge 2017, the premier event on RSA® Business-Driven Security™ solutions, unites an elite community of customers, partners and industry experts dedicated to tackling the most pressing issues across cybersecurity and business risk management. Through a powerful combination of keynote speeches, break-out sessions and hands-on demos, you’ll discover how to implement a Business-Driven Security strategy to help your organization thrive in an increasingly uncertain, high-risk world.

Filter Blog

By date: By tag: