• Event Sources Management User Guide for RSA NetWitness Platform 11.x - Table of Contents

    View PDF    NetWitness Event Sources  Managing Event SourcesAlarms and Notifications Automatic Alerting Common Scenarios for Monitoring Policies  Manage Event Source GroupsCreate Event Source Grou...
    RSA Information Design and Development
    last modified by RSA Product Team
  • NetWitness Endpoint User Guide for NetWitness Platform 11.x - Table of Contents

    View PDF    Introduction Workflow of an Endpoint Investigation Investigating Files Investigating Hosts Investigating a Process Changing File Status and Remediate Analyzing Downloaded Files Analyzing Events T...
    RSA Information Design and Development
    last modified by Mini Rajendrakumar
  • Log Parsing Customization Guide for RSA NetWitness Platform 11.x - Table of Contents

    View PDF    Log Parser Rules Tab Add or Delete Log Parser Create Custom Log Parser Rules Log Parsers and the Default Log Parser Use Cases Extend a Log Parser Example Select the Reference Log Decoder Move Log...
    RSA Information Design and Development
    last modified by Scott Marcus
  • NetWitness UEBA User Guide for RSA NetWitness Platform 11.x - Table of Contents

    View PDF       Introduction UEBA use Cases for Windows Logs  Investigate High-Risk UsersIdentify High-Risk Users Begin an Investigation of High-Risk Users Take Action on High-Risk Users Manag...
    RSA Information Design and Development
    last modified by Shree Kulkarni
  • Getting Started Guide for RSA NetWitness Platform 11.x - Table of Contents

    View PDF    Getting Started with NetWitness Platform Logging in to NetWitness Platform Changing Your Password Identifying Your Role NetWitness Platform Basic Navigation Setting up Your Default View by SOC Ro...
    RSA Information Design and Development
    last modified by Janice Krogh
  • NetWitness Respond User Guide for RSA NetWitness Platform 11.x - Table of Contents

    View PDF    NetWitness Respond Process Responding to Incidents Determine which Incidents Require Action Investigate the Incident Escalate or Remediate the Incident Incident Response Use Case Examples Reviewi...
    RSA Information Design and Development
    last modified by Janice Krogh
  • Alerting with ESA Correlation Rules User Guide for RSA NetWitness Platform 11.x - Table of Contents

    View PDF     Getting Started with ESAHow ESA Generates Alerts Best Practices Troubleshoot ESA View Memory Metrics for Rules How ESA Handles Sensitive Data  ESA Rule TypesRole Permissions Prac...
    RSA Information Design and Development
    last modified by Janice Krogh
  • UEBA Quick Start Guide for RSA NetWitness Platform 11.x

    View PDF    What is NetWitness UEBA? RSA NetWitness UEBA (User and Entity Behavior Analytics) is an advanced analytics solution for discovering, investigating, and monitoring risky behaviors across all users...
    RSA Information Design and Development
    last modified by Susan Ewald
  • NetWitness Endpoint Quick Start Guide for RSA NetWitness Platform 11.x

    View PDF    What is NetWitness Endpoint? RSA NetWitness Endpoint is an endpoint detection and response tool that continuously monitors the behavior of all endpoints in the network to provide deep visibility...
    RSA Information Design and Development
    last modified by Susan Ewald
  • NetWitness Investigate User Guide for RSA NetWitness Platform 11.x - Table of Contents

    View PDF   How NetWitness Investigate Works  Configuring NetWitness Investigate Views and PreferencesConfigure the Navigate View and Events View Configure the Event Analysis View  Beginning an Investig...
    RSA Information Design and Development
    last modified by Susan Ewald
  • NetWitness Investigate Quick Start Guide for RSA NetWitness® Platform 11.x

    View PDF   What Is NetWitness® Investigate? NetWitness Platform audits and monitors all traffic on a network. One type of service--a Decoder--ingests, parses, and stores the packets, logs, and end...
    RSA Information Design and Development
    last modified by Susan Ewald
  • Reporting User Guide for RSA NetWitness Platform 11.x - Table of Contents

    View PDF    Reporting Overview Configure and Generate a Report Configure a Rule Create and Schedule a Report View a Report Investigate a Report Manage a List or Rule or Report Troubleshooting  Appendix...
    RSA Information Design and Development
    last modified by Melinda Zelenkov
  • NwConsole User Guide for RSA NetWitness Platform 11.x - Table of Contents

    View PDF    Access NwConsole and Help Basic Command Line Parameters and Editing Connecting to a Service Monitoring Stats Useful Commands SDK Content Command SDK Content Command Examples Commands Used for Tro...
    RSA Information Design and Development
    last modified by Melinda Zelenkov
  • Malware Analysis User Guide for RSA NetWitness Platform 11.x - Table of Contents

    View PDF Malware Analysis Functions Malware Scoring Modules  Conducting Malware AnalysisBegin a Malware Analysis Investigation Implement Custom YARA Content Examine Scan Files and Events in List Form Configure t...
    RSA Information Design and Development
    last modified by Susan Ewald
  • RSA NetWitness Platform 11.x Visio Source Files

    Tool Download NWS11100ports_diagram_v0.1.vsd (RSA NetWitness Platform 11.x Architecture Diagram) Checksum nwe_arch.vsd  (RSA NetWitness Endpoint Insights 11.x Architecture Diagram) Checksum arch_log.vsd ...
    RSA Link Team
    last modified by RSA Link Team