We’re very excited to announce that today we released RSA Security Analytics 10.5! This release is by far the most tested and highest rated release of Security Analytics (SA) to date! We’ve added several new features we think you’ll love including cloud visibility, data privacy options and a new option to leverage a usage-based packaging and pricing model. Here is a summary of the highlights:
Enhanced Collection and Visibility Capabilities:
- Introduction of log collection from Cloud environments with initial support for Amazon Web Services Cloudtrail as an SA supported log source.
- Enhanced visibility by integrating RSA Web Threat Detection (WTD) with SA Incident Management to help centralize management of internal and external threats.
Enhanced Investigation Capabilities:
- Reconstruction enhancements to provide analysts with improved reliability of web page reconstruction.
- Enhancements to facilitate the analysis of fragmented sessions.
- Streamlined workflow and improved performance and inline tooltips and online contextual help.
Enhanced Analytics & Incident Management: (Note: Requires Event Stream Analytics)
- Workflow enhancements for Rule Builder including contextual help.
- Enhanced Alert enrichment options based on custom DB sources.
- Introduction of Trial Mode Rules. This feature allows for content authors to more easily test and deploy testing rules while limiting effects on their production environment
- Incident Management Dashlets and timeline views.
Enhanced Health & Wellness Capabilities:
- Introduction of Policy and Group configurations. Configuration options facilitate administrative workflows for defining/editing Health and Wellness policies as well as adding services and hosts to their environment.
- Enhancements for threshold alerting via SMTP and console.
Enhanced Platform Capabilities:
- Introduction of usage-based packaging and pricing for throughput per day of packets or logs.
- Trust-based licensing model with out-of-the-box activation.
- Introduction of Data Privacy capabilities that enable administrative options to obfuscate meta fields associated with identity-based logic as well as restrict access to data based on an organization’s data privacy regulations.
- Enhancements for User Audit Logging.
For more information you can also check out a few words from our VP himself - Grant Geyer See Everything. Fear Nothing. - EMC PulseEMC Pulse
If you have any questions feel free to reply to this thread or directly to one of the Security Analytics team members. Happy hunting!