Maximize your Experience with RSA NetWitness

Document created by Jeff Shurtliff Employee on Mar 30, 2016Last modified by Jeff Shurtliff Employee on Jul 14, 2017
Version 31Show Document
  • View in full screen mode

On this page you will find resources to help you maximize the value of the RSA NetWitness Suite.


Latest InformationAdditional Materials


Setting up Licensing in RSA Security Analytics 

Critical Start Threat Analytics Plugin Configuration 

NetWitness User Interface Overview 

Building a Custom Adhoc Feed in RSA NetWitness 

Parsers, Feeds, and App Rules - Processing Order 

RSA NetWitness Components 

NetWitness Dashboard Creation 

RSA NetWitness Community Videos

RSA NetWitness Logs and Packets Training


Licensing Guide for Version 10.6 - Table of Contents 

Licensing Guide 

RSA Security Analytics 10.6 ESA Quick Start Guide 

RSA NetWitness Suite Hardware Specifications 

Using Custom Meta in an Event Stream Analysis Rule 

RSA NetWitness Suite Documentation


RSA NetWitness Investigation Bootcamp

Wolves Among Us: Abusing Trusted Providers for Malware Operations

Hunting Webshells with RSA ECAT

Detecting APT Using Anomalous Windows Remote Management Methods and Dynamic RPC Endpoint Mapping

Held for Ransom: A Ransomware Case Study

Threat Detection Techniques - ATM Malware

Detection of Squiblydoo COM+ Whitelist Bypassing with RSA ECAT

Understanding and Detecting Backoff POS Malware

Detecting BlackPOS and Poison Ivy Malware

Detailed APT Case Study with RSA Security Analytics and RSA ECAT

RSA NetWitness Suite Blog

RSA Speaking of Security Blog


000029193 - How to Install a Public CA Certificate on RSA Security Analytics through 10.6.0 

000014569 - RSA Security Analytics host not booting the latest installed CentOS 6 kernel 

000029081 - "Unable to connect to endpoint" is displayed when adding 10.4.x appliances to RSA Security Analytics 10.4 

000027904 - Certs used for trusted connections in RSA Security Analytics are stale after "Remove and Repurpose" 

RSA NetWitness Suite Knowledge Base

RSA NetWitness Endpoint Knowledge Base

12 people found this helpful