This topic introduces the prerequisites and procedures for an analyst using RSA Security Analytics Investigation to analyze selected data and files.
After you begin an investigation, there is no specific order in which to conduct the investigation. Instead, Security Analytics offers various methods of displaying the data, filtering the data, querying the data, acting on a drill point, and inspecting specific events.
Analysts who conduct analysis using Security Analytics Investigation need to have the appropriate system roles and permissions set up for their user accounts. An administrator must configure roles and permissions.
Roles and Permissions for Analysts in the Malware Analysis Configuration Guide