RSA announces the release of RSA Web Threat Detection 6.3

Document created by RSA Product Team Employee on Dec 11, 2017Last modified by RSA Product Team Employee on Dec 11, 2017
Version 2Show Document
  • View in full screen mode


This release of RSA Web Threat Detection consists of the following changes and enhancements:


Enhanced Flexibility for Multi-Tenancy Deployments

In this release, customers can customize rules, search results, and the clickstream view for each tenant based on tenant-specific data by configuring selectors, extractors and attributes per tenant. This new functionality increases the flexibility for customers with a multi-tenancy configuration where each tenant has different web sites and different data in the HTTP request and response. For example, a Technical Service Provider might have multiple tenants for customers with different web-sites. In this type of deployment, the Technical Service Provider can configure the system to use the tenant-specific data for each of the tenants.


Kafka Server Messaging

To provide an easier data streaming process and enhanced performance, all transactions and alerts are now directed through Kafka, a standard messaging system. RSA recommends implementing use of the Kafka server instead of MQ Bridge for data streaming, as MQ Bridge is nearing end of life.


Action Server Improvements 

This release of Web Threat Detection includes significant performance improvements to the Action server. In addition, this release has combined the Action server and Transaction Scoring for Adaptive Authentication server into one Action server for a streamlined process.


Cassandra upgrade 

This release includes and upgrade to the Cassandra database, providing improved stability and security.


Hourly Rules Functionality

As part of the planned future removal of hourly rules from the product, starting in this release, hourly rules cannot contain custom actions.


Fraud Action Script

The updateFaiEdsFeed script fetches RSA FraudAction EDS files and includes them in the Web Threat Detection EDS directory for seamless integration with RSA FraudAction services.


Additional Scripts

This release includes the following additional utility scripts:

  • TrxAndUsersCount script

Counts the number of transactions and number of unique users per tenant per month, on both multi-tenant and single tenant installations. The script can be used by Technical Service Providers to measure the volumes of traffic and users per tenant.

  • KafkaConsumerTool script
    Extracts both encrypted and unencrypted messages from the Kafka server, and sends the output to the shell console.


For additional documentation, downloads, and more, visit the RSA Web Threat Detection page on RSA Link.


EOPS Policy:

RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.