RSA Security Operations Management (SecOps) 1.1 is available --- CLICK HERE to be directed to that page.
Overview of RSA Archer Security Operations Management (SecOps)
Advanced Persistent Threats (APTs) are the one constant and enterprises are centralizing incident-response teams to detect and respond to them. The Security Operations Center (SOC) is the centralized incident-response team reporting through the CSO/CISO and consisting of people, process, and technology.
As customers design and deploy a SOC, there are challenges. Today, SOCs are event-focused and reactive because there is no centralization of alerts and incident management. Additionally, the incident-response team lacks business context, process, and people collaboration.
As customers implement SOCs, a framework is required to seamlessly orchestrate the multiple roles, processes, and technologies. This framework should transform the overall SOC to be a consistent and predictable business process.
RSA Archer Security Operations Management (SecOps)enables enterprises to seamlessly orchestrate people, process, and technology to effectively respond to security incidents. Architected and designed by benchmarking world-class Security Operation Centers, the solution is SOC process and persona focused. SecOps enables organizations to manage the overall incident response, breach response, and SOC program that is aligned to business risk.
From incident response to data-breach response, the SecOps solution enables organizations to manage the entire lifecycle with integrated business context and best-practices aligned with industry standards. The incident analyst, breach coordinator, and SOC manager have full visibility into the entire process lifecycle with focused workflows, dashboards, and reports.
SOC Managers and the CISO can report on the overall effectiveness of the SOC program because they have full visibility to incidents and data breaches. Additionally, with intuitive dashboards, reports, and workflows, key stakeholders can be engaged throughout the incident-management process.
The overall process from alert to incident investigation is automated, including workflows and integration with security-monitoring systems for alert aggregation. From a remediation perspective, any security incident requiring action from IT operations could be automated by integrating SecOps with ticket management systems.
Using SecOps, an enterprise can manage the overall SOC program as a consistent and predictable business process.
Previously announced, RSA Asset Criticality Intelligence (ACI) and RSA Advanced Incident Management for Security (AIMS) are now SecOps features. SecOps is the next step in maturing the overall SOC implementation for effective incident response, breach response and the overall SOC program management.
RSA publicly announced the new SecOps solution at RSA Conference Europe, a Press Release and Blog is available for more information. A webcast is also planned for the new SecOps solution on November 21, 2013, register for the RSA Live Webcast for more details and demonstration of SecOps.
RSA, the Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world’s leading organizations solve their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments. Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention (DLP), continuous network monitoring, and fraud protection with industry leading GRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.