sb-au logo
Story image

Threat intelligence has a shelf life says security exec

The security division of EMC, the RSA, has new integrated threat intelligence partners for the RSA NetWitness Suite.

RSA says the suite is designed to incorporate threat intelligence from customers, threat intelligence partners, RSA experts and the RSA customer community through Live Connect

Grant Geyer, senior vice president of Products at RSA, says that because threat actors change their tools and techniques, threat intelligence has a shelf life.

 “That means security teams need to be armed with great visibility and a variety of current sources of threat data to bring the attacks into view,” he explains.

“We are continuously expanding our ability to ingest one of the most inclusive variety of data sources, including crowdsourced and STIX formatted threat intelligence, to provide comprehensive visibility into emerging threats and empower our customers to immediately act on the valuable insights uniquely provided by the RSA NetWitness Suite across logs, packets, and endpoints.”

The organisation says its crowdsourced threat intelligence allows for faster identification of new attacks and more accurate prioritisation of incidents.

RSA will be adding both Threat Intelligence Platform (TIP) and Threat Intelligence Content (TIC) partners. 

According to the RSA, its NetWitness Suite is powered by the RSA Advanced Analytics Platform and takes in Structured Threat Information Expression formatted threat intelligence, engineered to provide enhanced security analytics.

These analytics include data science modelling, context enrichment, user and endpoint analysis, behaviour analytics, and machine learning for accelerating threat detection and rapid response. 

All of the organisations TIP partners and TIC providers are certified through the RSA Ready Partner Program.

Story image
5 ways to use data science to predict security issues - Forcepoint
Data science enables people to respond to problems in a better way, and to also understand those problems in a way that would not have been possible 50 years ago.More
Download image
Equinix study: Firms turn to NFV to support distributed networks
Decision-makers looking for a solution that virtualises a wide range of network functions should evaluate NFV, study finds.More
Story image
ConnectWise launches bug bounty program to bolster cybersecurity strategy
“Crowdsourcing in this way represents a solid additional layer of security, and we clearly value the community's expertise and participation in helping us keep our products secure."More
Story image
Kaspersky finds red tape biggest barrier against cybersecurity initiatives
The most common obstacles that inhibit or delay the implementation of industrial cybersecurity projects include the inability to stop production (34%), and bureaucratic steps, such as a lengthy approval process (31%) and having too many decision-makers (23%). More
Link image
Gartner report: Why SD-WAN is becoming the de-facto option
Network service providers are increasingly challenged by established and new competition in the overlay SD-WAN management as well as in the underlay WAN transport, the report says.More
Story image
Five security challenges for the Enterprise of Things
Many enterprise networks aren't adequately managed, creating risk for businesses that don’t have full visibility into all of the devices on their network, writes Forescout regional director for A/NZ Rohan Langdon.More