How to handle a request for information on Access Control and Data Security in RSA Web Threat Detection

3 years ago

Originally Published: 2016-09-12

Article Number

000053765

Applies To

RSA Product Set: Web Threat Detection
RSA Product/Service Type: Forensics
RSA Version/Condition: 4.6, 5.x, 6.0

Issue

Our Customers may be undergoing internal IT audits or industry audits, like PCI, and require some information about WTD. We have seen that some auditors are requesting information regarding the WTD software, specifically the encryption methods that are used.

Questions that may be asked include:
1) What cryptographic algorithm was used?
2) Is there encryption key rotation or digital certificate renew in place? If yes, how often?
3) What’s the encryption key length, if symmetric key or asymmetric key, is used?
4) Does the encryption generation method or algorithm comply with X.509 standards and produce x.509 compliant keys?

Resolution

Here are current best answers to the questions above.

1) What cryptographic algorithm was used? This should consider data in motion versus data at rest.

See attached document that covers the certificates and how they encrypt the data throughout the environment.
It is from v3.1 but recently confirmed with Engineering that it is still accurate.
(There is a Document Enhancement Request to update this to current versions 6.x)

2) Is there encryption key rotation or digital certificate renew in place? If yes, how often?

No, Keys are generated at install and will have to be replaced manually.

3) What’s the encryption key length if symmetric key or asymmetric key is used?

The keys created at startup are 4096 bit RSA.

4) Does the encryption generation comply with X.509 standards and produce x.509 compliant keys?

Yes.

Don't see what you're looking for?

Related Articles

Trending Articles