RSA last week launched its Security Analytics solution in the UAE, promising to leverage big data in order to provide the visibility and context required to help defend against advanced security threats.
The new Security Analytics fuses SIEM, network forensics and big data analytics into a security platform that will, according to RSA, become the cornerstone of next-generation security operations centres.
The solution is built on the architecture of NetWitness technology, which is “proven” to help organisations defend their digital assets, RSA said.
RSA said that current security technologies, including SIEM tools, fall short in the area of providing deep enough visibility into today’s cyber threats, adding that they cannot scale properly to meet analytics needs.
Security Analytics, however, is scalable, and is engineered to cut the time required for security investigators to discover threats, thanks to harnessing big data. RSA claimed that this time could be reduced from days to minutes for a small to medium enterprise, or weeks to hours for a large enterprise.
“RSA Security Analytics is designed to revolutionise traditional security practices, such as monitoring and threat detection, to detect threats missed by traditional, signature-based technology – thereby helping to both reduce hackers’ ‘free time’ and the time and cost associated with investigation and response,” said Ahmed Abdella, Regional Manager, Turkey, Emerging Africa and Middle East, RSA.
The Unified Platform included in Security Analytics allows for security-relevant data, including full network packets, logs, to be captured and quickly analysed to speed up the detection of potential threats, RSA said.
It can also enable a much larger-scale collection of data, the security vendor added.
During a demonstration, RSA showed an IT manager using the software to detect suspicious activity on the company’s network. The activity showed one company email address in particular that was apparently spamming the rest of the office email system.
Having detected the threat within minutes, the IT manager was able to warn employees about the piece of malware that the email address was sending out, as well as notify RSA, which would take further action.
“We’ll never be able to 100 percent rid the world of cyber threats, but this system drastically improves the time it takes to detect and respond to threats,” Abdella said, following the demo.
Experts agree that big data could certainly help when it comes to security: “The sophistication of advanced attacks and the associated malware is growing every day, testing the limitations of existing security analytics tools,” said Jon Oltsik, Principal Analyst, Enterprise Strategy Group.
“The big data phenomenon could help address this situation for security professionals, making it important for orgnisations to rethink their choice of security solutions. Marrying intelligence-driven security with big data analytics has the potential to help enterprises address the complex problem of advanced threats and thus meet a significant need in the marketplace.”
