DATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI

Similar documents
DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

RSA INCIDENT RESPONSE SERVICES

RSA INCIDENT RESPONSE SERVICES

RSA ADVANCED SOC SERVICES

SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM

RSA NetWitness Suite Respond in Minutes, Not Months

SOLUTION BRIEF RSA NETWITNESS EVOLVED SIEM

FOR FINANCIAL SERVICES ORGANIZATIONS

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

INTELLIGENCE DRIVEN GRC FOR SECURITY

MITIGATE CYBER ATTACK RISK

Securing Your Digital Transformation

Sustainable Security Operations

SOLUTION BRIEF HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE

DATA SHEET RSA NETWITNESS PLATFORM PERVASIVE VISIBILITY. ACTIONABLE INSIGHTS.

Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS

SOLUTION BRIEF RSA NETWITNESS NETWORK VISIBILITY-DRIVEN THREAT DEFENSE

MATURE YOUR CYBER DEFENSE OPERATIONS with Accenture s SIEM Transformation Services

Security Monitoring. Managed Vulnerability Services. Managed Endpoint Protection. Platform. Platform Managed Endpoint Detection and Response

RSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief

Symantec Security Monitoring Services

NEXT GENERATION SECURITY OPERATIONS CENTER

Incident Response Services to Help You Prepare for and Quickly Respond to Security Incidents

locuz.com SOC Services

Six Weeks to Security Operations The AMP Story. Mike Byrne Cyber Security AMP

SIEMLESS THREAT MANAGEMENT

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.

SIEMLESS THREAT DETECTION FOR AWS

EFFECTIVELY TARGETING ADVANCED THREATS. Terry Sangha Sales Engineer at Trustwave

THE EVOLUTION OF SIEM

Gujarat Forensic Sciences University

TRUE SECURITY-AS-A-SERVICE

EXPERT SERVICES FOR IoT CYBERSECURITY AND RISK MANAGEMENT. An Insight Cyber White Paper. Copyright Insight Cyber All rights reserved.

Moving Beyond the Heat Map: Making Better Decisions with Cyber Risk Quantification

ORACLE SERVICES FOR APPLICATION MIGRATIONS TO ORACLE HARDWARE INFRASTRUCTURES

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

Vulnerability Assessments and Penetration Testing

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

GDPR: An Opportunity to Transform Your Security Operations

CYBER RESILIENCE & INCIDENT RESPONSE

Continuous protection to reduce risk and maintain production availability

Information Infrastructure and Security. The value of smart manufacturing begins with a secure and reliable infrastructure

Case Study. Encode helps University of Aberdeen strengthen security and reduce false positives with advanced security intelligence platform

Managed Endpoint Defense

National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference

Cisco SP Wi-Fi Solution Support, Optimize, Assurance, and Operate Services

RSA Advanced Security Operations Richard Nichols, Director EMEA. Copyright 2015 EMC Corporation. All rights reserved. 1

Predictive Insight, Automation and Expertise Drive Added Value for Managed Services

Un SOC avanzato per una efficace risposta al cybercrime

Security Monitoring Engineer / (NY or NC) Director, Information Security. New York, NY or Winston-Salem, NC. Location:

Current skills gap for capable CTI analysts: Training for forensics & analysis

EUROPEAN ICT PROFESSIONAL ROLE PROFILES VERSION 2 CWA 16458:2018 LOGFILE

Managed Enterprise Phishing Protection. Comprehensive protection delivered 24/7 by anti-phishing experts

INTRODUCTION. We would like to thank HelpSystems for supporting this unique research. We hope you will enjoy the report.

A Practical Guide to Efficient Security Response

SOLUTION BRIEF Virtual CISO

Readiness, Response & Resilence:

SIEM Solutions from McAfee

with Advanced Protection

INTEGRATION BRIEF DFLabs and Jira: Streamline Incident Management and Issue Tracking.

CYBERSECURITY MATURITY ASSESSMENT

esendpoint Next-gen endpoint threat detection and response

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

DATA SHEET RSA NETWITNESS ENDPOINT DETECT UNKNOWN THREATS. REDUCE DWELL TIME. ACCELERATE RESPONSE.

From the eyes of a customer

FROM SIEM TO SOC: CROSSING THE CYBERSECURITY CHASM

White Paper. How to Write an MSSP RFP

Incident Response Services

RSA RISK FRAMEWORKS MAKING DIGITAL RISK MANAGEABLE

BPS Suite and the OCEG Capability Model. Mapping the OCEG Capability Model to the BPS Suite s product capability.

SOLUTION BRIEF RSA NETWITNESS PLATFORM ACCELERATED THREAT DETECTION & AUTOMATED RESPONSE FROM THE ENDPOINT TO THE CLOUD

ForeScout Extended Module for Splunk

eplus Managed Services eplus. Where Technology Means More.

A Comprehensive Guide to Remote Managed IT Security for Higher Education

HP Fortify Software Security Center

Cisco Start. IT solutions designed to propel your business

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

Cognizant Cloud Security Solution

WHITEPAPER ENDPOINT DETECTION AND RESPONSE BEYOND ANTIVIRUS PROACTIVE THREAT HUNTING AT THE ENDPOINT

Cybersecurity-Related Information Sharing Guidelines Draft Document Request For Comment

Polycom Global Services

OUTSMART ADVANCED CYBER ATTACKS WITH AN INTELLIGENCE-DRIVEN SECURITY OPERATIONS CENTER

THE ACCENTURE CYBER DEFENSE SOLUTION

2018 GLOBAL CHANNEL PARTNER SURVEY THYCOTIC CHANNEL PARTNER SURVEY REPORT

SOLUTION BRIEF esentire Risk Advisory and Managed Prevention (RAMP)

IT Consulting and Implementation Services

Security. Made Smarter.

FTA 2017 SEATTLE. Cybersecurity and the State Tax Threat Environment. Copyright FireEye, Inc. All rights reserved.

RSA Cybersecurity Poverty Index

to Enhance Your Cyber Security Needs

PRODUCT OVERVIEW. On-demand threat investigation, root cause analysis and remediation advice without the need for extra internal resources

Traditional Security Solutions Have Reached Their Limit

Why you should adopt the NIST Cybersecurity Framework

Risk: Security s New Compliance. Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23

Building UAE s cyber security resilience through effective use of technology, processes and the local people.

ARC VIEW. Critical Industries Need Active Defense and Intelligence-driven Cybersecurity. Keywords. Summary. By Sid Snitkin

CyberArk Privileged Threat Analytics

ITIL Intermediate Service Design (SD) Certification Boot Camp - Brochure

Integrated, Intelligence driven Cyber Threat Hunting

empow s Security Platform The SIEM that Gives SIEM a Good Name

Transcription:

DATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI

EXECUTIVE SUMMARY The shortage of cybersecurity skills Organizations continue to face a shortage of IT skill sets, with cybersecurity skills topping the list. This trend is expected to continue for the foreseeable future, particularly when it comes to specific needs, such as advanced threat detection and maximizing the ROI on related technology investments, such as the RSA NetWitness Platform. Organizations seeking to address these challenges and complement in-house resources with additional subject matter expertise can avail of professional services from RSA Threat Detection & Response Practice, including advanced techniques on how to proactively hunt for initial signs of attack and stop the adversaries in their tracks. ADDRESSING THE RESOURCING TREND Technology expertise The RSA Threat Detection and Response Practice enables organizations to maximize the ROI on their RSA NetWitness investment by providing a holistic portfolio of solution fulfillment services. Complementary services addressing incident response and proactive hunting are offered by the Incident Response (IR) Practice. Customer requirements and expectations are best met when product deployments are adequately planned, implemented and maintained with regular upgrades and tuning, coupled with hands on knowledge transfer by our specialist IR team. RSA s range of capabilities and depth of expertise make it the partner of choice for organizations that want to maintain a security posture that evolves with the threat environment: Globally distributed team of practitioners. Trained, accredited and certified security professionals. Experience gained from thousands of engagements across a range of industries in the commercial and government sectors. Enterprise-level solution fulfillment addressing complex solution deployment requirements. Project management services to drive successful outcomes, remediate engagement risks and streamline communications. 2

RSA Solution Fulfillment Framework Services portfolio ranging from requirements analysis and solution design to deployment and go-forward solution management The RSA Threat Detection & Response and IR Practices are part of the RSA Global Services Organization, which provides a variety of additional and complementary information security services including: 3 Advanced Cyber Defense consulting services. Education services from RSA University. Product maintenance and Personalized Support Services, including Designated Support Engineer (DSE)and Technical Account Manager (TAM) from RSA Customer Support. RSA NETWITNESS PLATFORM Respond in minutes, not months The Threat Detection & Response Practice addresses solution fulfillment requirements across each of the RSA NetWitness Platform products: RSA NetWitness Network deployed to gain better network visibility and detect advanced threats and anomalies that bypass traditional defense mechanisms. RSA NetWitness Logs optimized to aggregate and correlate log data from traditional security alerting tools and mechanisms. RSA NetWitness Endpoint configured to highlight anomalies on host systems. RSA NetWitness SecOps Manager tailored to align with organizational structure and workflows while adding business context to prioritize alerting and enhance the protection of critical assets.

The portfolio includes services that accommodate differing requirements and maturity levels: Design and Implementation services to get the solution up and running, achieve early wins and accelerate time-to-value. Subscription services used throughout the year to progress the maturity of the solution and work hand in hand with the customer to identify and implement use case requirements and enhance overall solution effectiveness. The IR Practice also provides subscription services to facilitate hands-on proactive hunting conducted jointly with the customer and to relay deep technical knowledge transfer. Tuning & Optimization services recommended annually to maximize and tune solution performance, conduct minor upgrades of the environment to the latest release and implement additional features and functions such as RSA NetWitness Event Stream Analysis for correlation rules and advanced threat detection with data science modules. Performance Assessment services ongoing periodic (e.g., quarterly) reviews of the health statistics, metrics and usage activities, with recommendations for enhancement. Upgrade services implementation of major version upgrades for environments of all complexity levels. Event source integration services to accommodate the integration of log event sources, which are not otherwise supported out of the box. Custom services tailored consulting for platform migrations, technology integration, high-availability configurations, residencies, expert-on-demand staff augmentation and remote consulting. Offshore services lower-cost solution fulfillment by RSA Virtual Services Delivery (VSD) team. 4 RSA NetWitness Platform The Respond interface of RSA NetWitness is the main dashboard for initial triage, providing analysts with a nodal view and enabling them to assign, escalate and journalize the incident.

Analytic Intelligence services to share techniques that facilitate advanced threat detection. These are complementary services, such as the RSA Jumpstart for Analytic Intelligence, which is delivered by the RSA Risk and Cybersecurity Practice s Incident Response team. Offshore services lower-cost solution fulfillment by RSA Virtual Services Delivery (VSD) team. RSA NetWitness Platform The Endpoint interface displays a machine risk score based on the analysis of suspect files and libraries, which provides the analyst with a valuable tool for the detection and analysis of anomalies that have bypassed traditional defenses. 5 Security Operations Management services to support the integration of RSA NetWitness SecOps Manager with organizational Incident Response and Breach Management requirements. These are complementary services, such as the RSA SecOps Design Service, which is delivered by the RSA Risk and Cybersecurity Practice, Advanced Cyber Defense (ACD) team. Use Case Development services to address the specific threats to each organization (e.g., ransomware), including the development of the processes and procedures required at each stage of the incident management lifecycle, from detection through mitigation and lessons learned. Through a series of interviews, documentation reviews and interactive workshops, the use case objectives, threats, stakeholders, logic and testing requirements are defined and response procedure checklists are developed, providing the analyst with step-by-step instructions. Controlled Attack and Response Exercise services to review and stringently test the response capabilities of the incident response team. In a controlled attack scenario, ACD designs and conducts several capture-theflag exercises based on the customer s existing toolset and IR processes and procedures. Results are scored based on flag difficulty levels and reviewed with the customer to identify areas for improvement.

PUTTING IT ALL TOGETHER RSA targeted attack detection Security teams need to have the tools and skills to help them identify subtle indicators of compromise, because the traditional boundary protection approach has proven to be inadequate. Attackers leave clues at both the network and the host levels. This gives organizations a window of opportunity for remediation, once they have the right capabilities. RSA NetWitness provides those tools, and RSA Cybersecurity Practices provide the solution deployment, knowledge transfer and supporting skills necessary to redress the balance against attackers. In addition to these key technologies and services, customers use RSA NetWitness Live updates to enjoy ongoing access to shared intelligence resources that augment their security posture with a global, community-based world view. 6 RSA NetWitness Platform RSA Live Connect facilitates gathering, analysis and dissemination of community-based threat intelligence, enabling customers to collaborate with peers and stay ahead of adversaries.

ABOUT RSA RSA provides more than 30,000 customers around the world with the essential security capabilities to protect their most valuable assets from cyber threats. With RSA Global Services capabilities and award-winning products, organizations effectively detect, investigate and respond to advanced attacks; confirm and manage identities; and ultimately, reduce IP theft, fraud and cybercrime. RSA Global Services also offers battle-tested expertise from our Risk and Cybersecurity Practice, which includes the Advanced Cyber Defense and Incident Response Practices. Education services are available from RSA University, and product maintenance and Personalized Support Services are available from RSA Customer Support. For more information, go to rsa.com. 7 2018 Dell Inc. or its subsidiaries. All rights reserved. RSA and the RSA logo, are registered trademarks or trademarks of Dell Inc. or its subsidiaries in the United States and other countries. All other trademarks are the property of their respective owners. RSA believes the information in this document is accurate. The information is subject to change without notice. 07/18, Data sheet, H15726 W137517.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback