Dear Valued RSA Customer,
RSA, a Dell Technologies business, is pleased to announce the general availability of a new product, RSA NetWitness Orchestrator 3.5.
RSA NetWitness Orchestrator is a comprehensive security operations and automation technology that combines orchestration, incident management, and interactive investigation. The RSA NetWitness Orchestrator engine automates security product tasks and weaves in the human analyst tasks and workflows. In addition, RSA NetWitness Orchestrator also enables security teams to reduce MTTR, create playbook-driven automated response actions, and leverage machine-learning powered insights for quicker resolution and greater efficiency.
Highlights of the capabilities available with new RSA NetWitness Orchestrator include:
- Complete case management. RSA NetWitness Orchestrator provides holistic case management to better collect, standardize, and prioritize isolated alerts for more efficient, streamlined, incident response. Capabilities include:
- Collecting, querying, and enriching the reputation of different artifacts and indicators such as user, system, IP, URL and more for playbook automation
- Capture of the entire incident management lifecycle in a well-structured, consistent, and auto-documented process
- Extension of the incident management currently available in RSA NetWitness Platform.
For further information for all 170+ out-of-the-box technology partner interoperabilities please refer to the RSA NetWitness Orchestrator (Powered by Demisto) page on RSA Link.
- Playbook-driven automation. Leverage automated threat hunting via out-of-the-box intuitive drag-and-drop playbooks that are easy to troubleshoot and allow security analysts to start over from any point in the playbook.
- Innovative interactive investigation. Collaborative, machine-learning powered technology featuring:
- Chatops war room to better conduct conversation-driven incident response investigation and threat hunting
- Insights and investigation recommendations is provided via machine-learning chatbot to optimize incident ownership, analyst-task matching, and commonly run security actions and commands.
- Command line interface (CLI) provides real-time execution of security actions while remaining in investigation main console
- A scalable and secured multi-tenant orchestration solution RSA NetWitness Orchestrator server can be deployed both on-premise or in cloud environments, as well as support for outside of network deployment. All automation and integration activities performed in a completely isolated manner, both in execution and in rest in Docker containers.
- And many more.
RSA NetWitness Orchestrator acts as the “connective tissue” binding together the other solutions in the RSA NetWitness Platform and across your entire security infrastructure.
The RSA NetWitness Platform consists of RSA NetWitness Logs, RSA NetWitness Network, RSA NetWitness Endpoint, RSA NetWitness UEBA and RSA NetWitness Orchestrator. This complete and powerful platform combines risk intelligence and business context with advanced cybersecurity capabilities so that your organization can better detect known and unknown threats, minimize attacker dwell time and mean-time-to-respond, and lessen the impact of security incidents.
For additional information or for assistance integrating RSA NetWitness Orchestrator into your existing Security Operations Center or deployment please contact your local RSA Solution Principal and/or your local RSA Sales Team.
For additional documentation, downloads, and more, visit the RSA NetWitness Platform page on RSA Link.
RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.