RSA SIEM
RSA Security Information and Event Management (SIEM): A security system that provides pervasive infrastructure visibility, enables actionable intelligence and immediate threat investigations, and initiates automated security-incident remediation.
RSA SIEM Products
 |
RSA enVisionCollect, archive, analyze, and report on log data to ease compliance and enhance security |
|
|
RSA NetWitnessGain situational awareness of everything happening on your network through network security monitoring.
|
RSA SIEM Details
New IT security threats demand a new approach to Security Information and Event Management (SIEM).
Until recently, SIEM systems have been deployed primarily for compliance purposes. But good compliance programs do not necessarily result in effective security. Security teams need a SIEM system which is tuned to the needs of security without sacrificing ease of compliance.
Security organizations need a SIEM system that can handle a much greater variety and volume of data, while also providing security investigators with analytic tools that quickly lead them to their most pressing security issues.
To be truly prepared, security teams also need actionable threat intelligence covering the latest tools, techniques, and procedures in use by the global attacker community.
RSA Security Information and Event Management represents a new class of SIEM system specifically designed to address these security challenges.
|
|
Infrastructure VisibilityFuse network packets and logs to gain pervasive visibility.
|
|
|
Actionable IntelligenceGlean security intelligence from petabytes of data and external threat-intelligence feeds.
|
 |
Security InvestigationsLeverage specialized data-driven and malware-focused investigative functions.
|
|
|
Optimized Security Incident ManagementIntegrate with workflow-enabled incident-management systems.
|
