RSA updated its Archer and NetWitness platforms in a move to help organizations better manage their digital risk. The updates were announced as part of this week’s RSA security conference in San Francisco.
RSA’s Archer is a governance, risk management, and compliance (GRC) platform. NetWitness is a threat detection platform designed to sniff out anomalies in user behavior that are indicative of cyberthreats.
Amy Blackshaw, director of product marketing at RSA, said the upgrades are related. “RSA is investing in both product areas to help deliver a unified approach to advanced security operations and integrated risk management for organization to better manage digital risk,” Blackshaw explained via email. “Digital risk is the new element of operational business risk that is a consequence of introducing new technology to power digital transformation and must be managed appropriately.”
Blackshaw said that the upgrades deal with the intensity of the modern landscape. “While the major areas of risk remain the ‘usual suspects’ – such as security, compliance, resiliency, inherited risks from third parties, and operational risk – the nature of digital business amplifies the nature of risk for organizations today,” she wrote. “Factors such as these are why digital initiatives are forcing organizations to rethink and increasingly integrate their risk and security strategies.”
Upgrades to the Archer platform include:
• Migration to Amazon Web Services (AWS).
• The Third Party Governance use case now streamlines and automates third-party assessment and monitoring.
• The Data Gateway function now connects RSA Archer Integrated Risk Management to any data set without data replication.
• Role-based dashboards, search enhancements, and mobility options increase speed and flexibility into Archer.
• Machine learning (ML) and artificial intelligence (AI) now are leveraged in the platform’s Regulatory Content Analysis element.
• The “declare incident” integration between Archer and the previously launched NetWitness Evolved SIEM platform provides “a real-time view of a threat, its scope and scale.”
The NetWitness Platform is designed to help organizations fully understand and confront network attacks. “In an era of ever-expending attack surfaces, protecting against threat actors – [from] commodity malware; insider threats and crime ware; to state sponsored exploits, hacktivists, and terrorists – has become increasingly complex,” Blackshaw explained. “Disconnected silos and lack of consistent data formats across prevention platforms, inconclusive monitoring detection, or investigation technologies continue to fall short in detecting the true threats and seeing the full picture. Security tools proliferation slows down investigations.”
Upgrades to the platform include:
• Providing security personnel with “real-time, high-risk user context” enabling continuous authentication with the ability to block insider threats and malicious actors.
• User and entity behavior analytics (UEBA) that leverage endpoint and log data for visibility and actionable insights.
• The latest update to the NetWitness Endpoint platform now operates as a native endpoint detection and response solution in the evolved security information and event management (SIEM) element of the platform.