New RSA Security Analytics and RSA Security Operations Management solutions marry SIEM with advanced security capabilities.
The security division of EMC, RSA, has announced a new combination of products and services to help organisations mature their security operations and accelerate incident response functions while addressing traditional SIEM requirements as part of an advanced security strategy.
The offerings include a significant update to RSA Security Analytics, a new RSA Security Operations Management solution and new RSA Advanced Cyber Defense (ACD) services – RSA Retainer for Incident Response and RSA START for Incident Handling – along with new analyst-focused education modules.
The combined offerings are designed to empower companies to continuously and consistently improve management of their security incident lifecycle – from detection, to investigation, to response and learning/process improvement.
Updates to the RSA Security Analytics solution provide additional deployment options for customers to speed adoption and advance security initiatives. Featuring a new, modular architecture, RSA Security Analytics helps address key SIEM and logging requirements while reducing costs for long-term data retention. Combining SIEM with near real-time streaming analytics helps expedite incident detection and alerting while an enhanced interface incorporates visualisation capabilities to help improve identification of suspicious events.
Additionally, the new RSA Security Operations Management software and RSA ACD services are said to create a unique interoperable incident response solution with focused consultancy and education services to help customers continually improve their Security Operations over time. They include:
RSA Security Operations Management – New solution enables robust orchestration of intelligence, context, processes and resources, thereby: Centralising incident management and integrating business context; Offering best practice incident management recommendations that leverage industry-standard frameworks, as well as RSA-developed best practices; Providing a breach impact analysis framework and recommended breach response procedures; Enabling SOC managers to manage the entire IT security team and measure the effectiveness of their incident response teams.
RSA ACD Response and Learning Services – RSA Retainer for Incident Response provides an experienced RSA response team on retainer to help organisations respond to critical incidents; RSA START for Incident Handling provides forensic assessment services to help organisations proactively improve incident response procedures; New SOC/CIRC analyst-focused education modules help increase the skills of security analysts in detecting, analysing and responding to security incidents.
RSA’s new offerings are designed not only to address the everyday challenges of today’s security teams, but also to enable companies to quickly identify, respond to and fully manage a crisis, while helping them to build out mature security capabilities over time.
Jon Oltsik, senior principal analyst, Enterprise Strategy Group, commented: "Even though organisations find themselves at varying levels of maturity when it comes to advanced security operations, it’s important they employ solutions that are able to grow along with their needs.
"Integrated solutions that comprise incident detection, investigation, and response, can help organisations reduce the overall impact of security incidents on the business, meet compliance requirements, and streamline security operations."
Grant Geyer, VP, RSA Security Analytics, said: "By offering a robust set of tools and resources for incident detection and response, RSA is helping organisations advance their current capabilities, and is also providing a solid blueprint and flexible platform to more easily build and mature a Security Operation Center to address the threats of tomorrow."