RSA is pleased to announce the general availability of RSA NetWitness Platform 11.4.1, which introduces improvements for analyst investigations, log management, and platform administration and other fixes. Highlights Include:
Email Reconstruction Directly Within Events
- The Email Reconstruction has been redesigned so that analysts can reconstruct email sessions without leaving the Events view.
Improved Threat Aware Authentication Capabilities
- RSA NetWitness Respond server can now send the Active Directory usernames for high risk users from incidents to RSA SecurID, improving the Threat Aware Authentication capabilities of the platform.
Better Workflow Across Sessions
- Analysts can now group events in a more powerful manner from split and related sessions to easily detect relationships in captured data.
Query Building Made Easy
- New Query Building capabilities enable analysts to use powerful features such as auto-completion from typed text, copying queries to clipboard, keyboard commands to define filters, and auto-population of operators to create filters.
New Customer Experience Improvement Program
- We have revamped our active feedback capabilities so we can get direct application usability feedback. While this is an optional program, the more feedback we get the better we can design and build future versions of the RSA NetWitness Platform.
Other Features & Fixes:
- Events List Enhancements: New column sorting controls to sort the Events list and preferences to list events without sorting provide a better user experience for analysts.
- Custom Certificates on Log Decoders and Log Collectors: The platform now enables an ability to use your own trusted certificates instead of pre-installed certificates for the syslog listener on Log Decoders and Log Collectors.
- Event Source Visualization and Search Improvements: Event sources can now be searched using address (IP/hostname) or Name on Log Collectors to easily view required sources. Historical graphs have been moved to Event Sources Management from Health & Wellness in line with other event source information.
- Single Sign-On Extended to Multiple-Instances: Powerful Single Sign-On capabilities introduced in version 11.4.0 are now supported for multiple RSA NetWitness Platform User Interface instances.
For additional documentation, downloads, and more, visit the RSA NetWitness Platform page on RSA Link.
RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.