Investigation: Conduct an Investigation

Document created by RSA Information Design and Development on Jul 28, 2016
Version 1Show Document
  • View in full screen mode

This topic introduces the prerequisites and procedures for an analyst using RSA Security Analytics Investigation to analyze selected data and files.

After you begin an investigation, there is no specific order in which to conduct the investigation. Instead, Security Analytics offers various methods of displaying the data, filtering the data, querying the data, acting on a drill point, and inspecting specific events.

Analysts who conduct analysis using Security Analytics Investigation need to have the appropriate system roles and permissions set up for their user accounts. An administrator must configure roles and permissions.

See Also 

Roles and Permissions for Analysts in the Malware Analysis Configuration Guide

You are here: Investigation: Conduct an Investigation