Dear Valued RSA Customer,
The RSA Content team is pleased to announce the addition of new and updated content to the RSA Live Content Library!
LetÕs take a look at what we have released to RSA Live during the month of May:
á 2 New Event Steaming Analysis (ESA) rules
- These additions to our ESA rule library will help analysts detect rogue DHCP servers. This is important detection in order for customers to defend against man-in-the-middle attacks
á 6 Updates to Event Streaming (ESA) rules
- This will limit noise in customer ESA environments and ensure the most targeted intelligence in our rule library
á 6 New Application rules
- These additions to our Application rule set allows analysts to detect potential denial of service attacks
- 10 Updates to Application rules
- This will increase the accuracy of our out-of-the-box Application rules
- 1 New Lua parser
- This new FTP protocol parser provides visibility into file transfers
- 6 Updates to Lua parsers
- Improves protocol parsing accuracy
- 1 New Log parser
- BigIP Advanced Firewall Manager - Network based firewall. Based on the set policies, AFM has the ability to accept/reject/drop the traffic
- 24 Updates to Log parsers
- Improves parsing accuracy and supports newer versions of event sources
For a full breakdown of new/updated content released to RSA Live, go here:
Also, you can view our holistic content library and content request portals here:
The next few months will be busy on the content front! In addition to our ESA rule library project , we will be releasing rules and reports to help our customers detect ShadowIT within their organization. We also will be releasing some great content that provides visibility into AWS environments. To top it all off, we will be delivering reports for Security Analytics auditing use cases!
We look forward to sharing some great updates with you next month!
The ASOC Content Team