RSA Advanced Threat Management Solution

    • Defend against advanced threats by identifying, protecting, and rapidly responding to security incidents to minimize their effect on the business


      Pervasive Infrastructure Visibility

      RSA gives collection without limitations and unified visibility into network and log data with a single place to view data about advanced threats


      In-Depth Investigation

      Interactive data-driven analysis and intuitive tools for investigation presented for rapid analysis, with detailed drill down and incorporation of business context to better inform the decision-making process.


      Actionable Intelligence

      Efficiently glean intelligence from terabytes of data with tools that hone in on the most suspicious users and endpoints connected to your infrastructure. You also get correlation of threat intelligence feeds from a community of experts.


      Optimize Incident Management

      A workflow system to define and activate response processes, plus tools to track current open issues, trends, and lessons learned. Integration with RSA portfolio and third party tools allows for the exchange of vast security data.


      Flexible Deployment

      Avamar Data Store scales to 124 TB of deduplicated capacity. For additional performance and scalability, Avamar can be deployed in an integrated solution with EMC Data Domain systems.

    • Solution Description

      Defending against advanced threats requires an adaptive approach, oversight of processes and reporting key metrics. Unlike traditional signature based/end point security solutions, RSA provides an integrated set of tools and services that can easily fit into your existing environment, enabling you to identify, protect, and respond to security incidents rapidly.

      RSA provides the most complete product set designed to find and address the unique characteristics of advanced threats that help your organization be:

      • Better prepared to manage and respond to advanced threats – RSA provides a platform to manage a large number of log events with full network packet capture and customizable dashboards for viewing threat and vulnerability information. It also delivers real-time and scalable network forensics platform with session replay, signature-free analytics, automated advanced threat and zero-day malware analysis.
      • Better positioned to identify, prioritize and respond to attacks – RSA delivers internal and external threat intelligence with the industry's broadest multi-language forensic and investigation capabilities. You can leverage integration with major security intelligence feeds and foundational enterprise security products such as SIEM, IDS, and Next-gen Firewalls
      • More coordinated with visibility and reporting across the extended enterprise – RSA solutions are designed to support both IT and Business aspects of managing advanced threats, including identifying key critical assets, managing crisis plans, internal and external communication, and tracking of response activities.
    • Products

      • RSA Archer Threat Management
        Consolidates threat data and reports on threat remediation activities, enabling a consistent, repeatable threat management process.
      • RSA Archer Incident Management
        Centralize and streamline the security investigations response process and prevent attacks before they affect your organization.
      • RSA ECAT
        RSA ECAT detects targeted endpoint threats such as zero-day advanced malware attacks by leveraging innovative live memory analysis.
      • RSA CyberCrime Intelligence Service
        Gain insight, uncover malware, and remediate incidents of potential data exposure.
      • RSA Security Analytics
        Provide enterprise-wide visibility into network traffic and log event data to reduce attacker free time from weeks to hours.