RSA Archer Security Incident Management 1.3 SP1 Patch 2 is a new patch release for RSA Archer Security Incident Management 1.3 SP1 Patch 2 only supports RSA NetWitness 11.x
Overview of RSA Archer Security Incident Management - Advanced Persistent Threats (APTs) are the one constant and enterprises are centralizing incident-response teams to detect and respond to them. The Security Operations Center (SOC) is the centralized incident-response team reporting through the CSO/CISO and consisting of people, process, and technology.As customers design and deploy a SOC, there are challenges. Today, SOCs are event-focused and reactive because there is no centralization of alerts and incident management. Additionally, the incident-response team lacks business context, process, and people collaboration.As customers implement SOCs, a framework is required to seamlessly orchestrate the multiple roles, processes, and technologies. This framework should transform the overall SOC to be a consistent and predictable business process.
Security Incident Management enables enterprises to seamlessly orchestrate people, process, and technology to effectively respond to security incidents. Architected and designed by benchmarking world-class Security Operation Centers, the solution is SOC process and persona focused. Security Incident Management enables organizations to manage the overall incident response, breach response, and SOC program that is aligned to business risk. From incident response to data-breach response, the Security Incident Management solution enables organizations to manage the entire lifecycle with integrated business context and best-practices aligned with industry standards. The incident analyst, breach coordinator, and SOC manager have full visibility into the entire process lifecycle with focused workflows, dashboards, and reports. SOC Managers and the CISO can report on the overall effectiveness of the SOC program because they have full visibility to incidents and data breaches. Additionally, with intuitive dashboards, reports, and workflows, key stakeholders can be engaged throughout the incident-management process.The overall process from alert to incident investigation is automated, including workflows and integration with security-monitoring systems for alert aggregation. From a remediation perspective, any security incident requiring action from IT operations could be automated by integrating Security Incident Management with ticket management systems. Using Security Incident Management, an enterprise can manage the overall SOC program as a consistent and predictable business process.
Links to Supporting RSA NetWitness Documentation:
Links to Previous Versions of RSA Security Incident Management
RSA Security Operations Management 1.3 SP1 Patch 2 is supported on RSA Archer Platform 6.2 and higher.
RSA offers business-driven security solutions that uniquely link business context with security incidents to help organizations manage risk and protect what matters most. RSA solutions are designed to effectively detect and respond to advanced attacks; manage user identities and access; and, reduce business risk, fraud, and cybercrime. RSA protects millions of users around the world and helps more than 90% of the Fortune 500 companies thrive in an uncertain, high risk world. For more information, go to rsa.com.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.