RSA NetWitness for Docker

Document created by Todd Morneau Employee on Jun 26, 2017Last modified by RSA Link Team on Jul 3, 2017
Version 5Show Document
  • View in full screen mode

Visibility and behavior analytics into a rapidly emerging cloud and data center architecture


The threat surface area is growing exponentially, caused by “non-traditional” endpoints, such as Containers, Enterprise IoT and Embedded/OT Systems. This is creating a massive visibility gap for Enterprises.

“By 2018, more than 50% of new workloads will be deployed into containers in at least one stage of the application life cycle.” Gartner

IoT technology and services revenue to expand from $779.9 billion in 2015 to $1.3 trillion by 2018 at an 18.2% CAGR” - IDC

“By 2020, spending on OT security will double due to increasing attacks on critical industrial infrastructure and subsequent regulatory response” – Gartner   



  •   Focus first on container visibility, specifically Docker.
  •   Develop container data collection of NetFlow, logs and processes and provide behavior analytics and alerting.
  •   Develop an easy to deploy container sensor, combined with a SaaS analytics service that integrates natively, but not exclusively with RSA NetWitness.