RSA SIEM

RSA Security Information and Event Management (SIEM): A security system that provides pervasive infrastructure visibility, enables actionable intelligence and immediate threat investigations, and initiates automated security-incident remediation.

RSA SIEM Products

RSA enVision

Collect, archive, analyze, and report on log data to ease compliance and enhance security

RSA NetWitness

Gain situational awareness of everything happening on your network through network security monitoring.

RSA SIEM Details

New IT security threats demand a new approach to Security Information and Event Management (SIEM).

Until recently, SIEM systems have been deployed primarily for compliance purposes. But good compliance programs do not necessarily result in effective security. Security teams need a SIEM system which is tuned to the needs of security without sacrificing ease of compliance.

Security organizations need a SIEM system that can handle a much greater variety and volume of data, while also providing security investigators with analytic tools that quickly lead them to their most pressing security issues.

To be truly prepared, security teams also need actionable threat intelligence covering the latest tools, techniques, and procedures in use by the global attacker community.

RSA Security Information and Event Management represents a new class of SIEM system specifically designed to address these security challenges.

Icon: Binoculars in Front of Networked Globe

Infrastructure Visibility

Fuse network packets and logs to gain pervasive visibility.

Icon: Magnifying Glass over Exclamation Point

Actionable Intelligence

Glean security intelligence from petabytes of data and external threat-intelligence feeds.
Icon: Magnifying Glass over Networked Globe.

Security Investigations

Leverage specialized data-driven and malware-focused investigative functions.

Icon: Clipboard

Optimized Security Incident Management

Integrate with workflow-enabled incident-management systems.