Skip navigation
All Places > Products > RSA NetWitness Platform > Blog > Author: Jacob Dorval

RSA NetWitness Platform

5 Posts authored by: Jacob Dorval Employee

Hi Everyone,

We're excited to share our second issue of the RSA NetWitness Platform newsletter with you.  As a friendly reminder, the goal for this newsletter is to share more information about what is happening and what key things you should be aware of regarding our products and services.


This is a monthly newsletter, so you can expect the next newsletter in early June.  If you have any specific topics you would like to see in a future newsletter, please let us know!


Previous Newsletters:



Note: You can hit "preview" to view the pdf newsletter in your browser window, without needing to download it. 

Hi Everyone,

On behalf RSA NetWitness, we are excited to bring you our first issue of the RSA NetWitness Platform newsletter. 


Our goal is to share more information about whats happening and key things for you to be aware of regarding our products and services. 


This will be a monthly newsletter, so you can expect the next newsletter in early May.  


No, this is not an April fools joke!!


There's a very short survey at the end of the second page in the newsletter.  Please share your thoughts with us so we can continue to improve it over time and make sure it contains useful information for you going forward.  


Thanks everyone!


***  EDIT  *** 

For anyone who does not feel comfortable downloading and viewing the .pdf copy of this newsletter, I've added screenshots of the newsletter so that you can still view the content.  Just note that by doing this, obviously none of the hyperlinks will work for you unless you download the .pdf.




For those who are interested in becoming certified on the RSA NetWitness Platform - we have some great news for you!  This process just became a whole lot easier... you no longer have to travel to a Pearson VUE testing center to take the certification exams.  All four of the RSA NetWitness certifications can now be taken through online proctored testing!  That's right... 100% online!


You can find all of the details on the RSA Certification Program page.  There's also a page specifically for the RSA NetWitness Platform certifications where you can find details about the certifications, try out one of the practice exams, register to take a certification and much, much more.  


RSA NetWitness has 4 separate certifications available:

  1. RSA NetWitness Logs and Network Admin
  2. RSA NetWitness Logs and Network Analyst
  3. RSA NetWitness Endpoint Admin
  4. RSA NetWitness Endpoint Analyst


I wish you all the best of luck and encourage you to continue your professional development by becoming certified on our technology.  

Security Monitoring is no longer in its infancy and most organizations have some level of monitoring in place today.  So the question begs, if this is in place then why do we continue to see organizations failing to secure their networks and protect what matters most to their business?


In reality there is no single reason for these breaches nor is there a silver bullet for curing the problem. If you had a chance to listen or watch the keynote from this year’s RSA Conference, delivered by RSA's President Rohit Ghai, you’ll recall that he said we have to look to the silver linings and see where small changes made across the Security Monitoring arena can add up to make significant overall improvements to our security.


There is sometimes a perception that deploying multiple security technologies will protect an organization.  In several recent discussions it's apparent that organizations continue to experience major breaches even with technology in place.  Sometimes they simply have the wrong technology.  Other times they have the right technology, but they're not actively using it or using it to its full potential.  The point is that it is less about what technology you have in place and more about what you actually do with it.  We've seen a number of examples where smaller security teams excel purely by knowing their own environment and having a thorough understanding of their tools, capabilities and making the most of what they have been able to invest in.  


This is indicative of another issue: skill shortages and finding the right security staff. It’s not necessarily about having the perfect team from day 1, but it’s about growing their skills in-house to make sure they know what they are defending (and why).  This involves having a development path to increase the organization’s Security Operations Maturity.

Knowing your own threat landscape and what gaps you have in threat detection are crucial in a modern Intelligence-led Security Operations Center.  The fact is that understanding your own network landscape is going to be crucial when you are defending it against the most sophisticated attackers.


In short, what we are saying here is that it is incredibly difficult to develop a SOC or any other Security Monitoring capability which is going to be effective from day 1. It is all about the journey. SOC Managers, CISO’s, CIO’s and others have to identify what is important to them and develop a plan which will provide the enhancements in capabilities (Tools, Technologies & Procedures) and ensure that these are supported both financially and by metrics.  This includes having a roadmap of where you want your Security Monitoring program to grow to and being able to test how well the team is performing via Red Team engagements as well as Controlled Attack and Response Exercises.


Join us on our upcoming webinar next month on June 12th to learn more.  We will discuss this journey with one of our customers who has taken this exact approach in building and developing their team into one of the most skilled Security Operations Centers that we’ve seen to date.   


Click here to register.


I wanted to give a special thanks to Azeem Aleem, Gareth Pritchard and David Gray for their contributions to this blog and upcoming webinar. 

Upgrade to RSA NetWitness Version 11 With RSA Professional Services:

There are numerous reasons why organizations are upgrading to RSA NetWitness Suite Version 11.  The majority are interested in the highly intuitive & redesigned user interface, the new product capabilities, the launch of “Respond” and many other usability & serviceability enhancements that come with version 11.  Regardless of what your reason is for upgrading, our RSA NetWitness Professional Services team will ensure you get through your upgrade thoughtfully and successfully while minimizing the amount of time you need to take away from your daily responsibilities.


One of the biggest challenges we face in the security industry today is a lack of resources.  If your organization doesn’t have the skillset needed to perform the upgrade independently or if your employees can’t take the time out of their daily obligations to perform the upgrade, I strongly encourage you to engage with RSA Professional Services as your trusted adviser to perform the upgrade for you. 


At RSA, we have a global Professional Services team that is certified on the RSA NetWitness product and fully trained on the upgrade to RSA NetWitness v11.  Our battle tested team will ensure you have a successful upgrade and will minimize the amount of time it takes to complete the upgrade to RSA NetWitness 11.


Our Professional Services team has several flexible offerings that can be leveraged for upgrading your environment.  From smaller environments to very large and complex global enterprise deployments, we have offerings that will meet your business requirements as well as your preferred procurement method.


Key Benefits of working with RSA PS include: 

  • We bring the most real-world field experience: Founded in 1982, RSA has worked with more organizations in more countries for more years than anyone else, and have logged over 100,000 engagements.
  • Our battle-tested teams have tackled the most sophisticated and complex cybersecurity and compliance challenges.
  • We come with the highest level of expertise: Our professionals are trained and certified in the most advanced technologies and methodologies, and are thought-leaders through leading research, conferences, publications, education and training programs.
  • We’ll ensure your upgrade is thoughtfully planned out and executed jointly with our team of experts
  • We’ll help you maximize your ROI by receiving detailed Knowledge Transfer through a series of workshops during the engagement about the new version, how to use the latest features & functionality as well ashow to extract the most value out of the product.
  • We’ll give you the peace of mind knowing you are in the hands of experts who have helped many other organizations like yours successfully navigate the exact same upgrade process and have insights into common risks seen in other environments
  • We’ll give your employees the ability to focus their attention on their day to day duties rather than putting those entirely to the side to perform an upgrade

Please contact your local Account Representative for more information about RSA's upgrade services.  We offer a combination of both fixed scope upgrade services as well as upgrade services that can be custom scoped for your specific implementation and business requirements.  If you are unsure who your Account Representative is please contact me directly and I’ll personally help you get in touch with the right person.  You can contact me at


Upgrading to RSA NetWitness Version 11 Without Professional Services:

For those customers who wish to complete the NW11 upgrade journey without PS Support, you’re still in great hands.  The engineering teams at RSA delivered an incredibly high quality product and documented the entire upgrade process very well.  Please be sure to read and follow the product documentation step by step to ensure you have a successful upgrade.


This link is the main RSA NetWitness v11.0 page where you can find the documentation, release notes, upgrade guides, etc.  Beware, there are several unsupported configurations in RSA NetWitness Version 11.  Be sure to familiarize yourself with these configurations prior to executing your upgrade.  This is all well documented in the v11.0 Release Notes.  


If you do run into trouble during the upgrade our RSA NetWitness Customer Support team is always standing by to assist.  Simply open up a support case via RSA Linkclicking on “My RSA” up at the top and then clicking on “Create New Case.” 


About RSA Global Services:

If you haven’t talked with your Account Representative lately about RSA’s Global Services offerings I would highly recommend doing so.  There are numerous offerings that can help you through your transition.  We offer services for our RSA NetWitness customers from the following teams in Global Services: RSA University, RSA Professional Services, RSA Customer Support and the RSA Risk and Cybersecurity Practice which includes RSA Incident Response and RSA Advanced Cyber Defense.  You'll find that we have many of the services your business needs to be successful and mature your security operations.  


To give you a sneak peek, below you will find a high level, 1 slide overview of each practice which shows some of the offerings we provide.  If you’d like to obtain more information or have a conversation about any of these service offerings please feel free to contact your local Account Representative or contact myself directly.  


RSA Cybersecurity Experience & Global Services Overview:


RSA Professional Services:


RSA Advanced Cyber Defense:


RSA Incident Response:


RSA University:


RSA NetWitness Customer Support:


Thanks everyone. I hope you are as excited to move to RSA NetWitness v11 as we are.  


Thank you,



Jake Dorval | Global Services Product Lead (SPL) – RSA NetWitness® Suite | Global Services| Reston, VA

Mobile: +1 410-960-6988 | | GMT (-4) Time Zone

RSA® NetWitness® Suite Community:

Filter Blog

By date: By tag: