Skip to content
  • There are no suggestions because the search field is empty.

RSA, The Security Division of EMC, announces the release of Security Analytics 10.6.1

Tags: RSA NetWitness Platform, Security Advisories

Advisory Type

Security


Advisory Content

Summary:

Summary:

RSA is pleased to announce the general availability of RSA Security Analytics 10.6.1

This is a service pack that includes new and enhanced features along with 52 fixes. The following are the highlights of the release. Please refer to product documentation for further details.

RSA Live Connect a community driven cloud based threat intelligence service is introduced. It enables bi-directional sharing of information with trusted circles. With Threat

Insights, analysts can now quickly gain IP based insight from peers in the community during investigations. UsingAnalyst Behaviors analysts can share intelligence with the community.

STIX (Structured Threat Information Expression) is added as a new type of Feed to enable open standards exchange of Intelligence from wide variety of private and public sources.

ESA enhancements include flexible warm-up period control, audit logging of ESA rules and wildcard support for domain whitelisting. 

Log Collector now has enhanced log parsing and parser mapping.  Specific types of events can be filtered in Windows Legacy Collector and windows event logs can be generated in .evtx format.

Reporting enhancements include sharing dashboards, setting up favorite dashboards, syntax validation enhancements to App rules and custom report output formats.

Investigation enhancements include event reconstruction limit override by analysts during investigation, ranges in IPV6 addresses, out-of-the-box meta groups and profiles.

Administration has enhanced audit log, support for server prefix on the browser, CRL and certificate expiry notifications.

Context Hub now adds community intelligence from RSA Live Connect to its already existing custom lists, ECAT and Incident Management data.

Further, in this release RabbitMQ, MaxMind DB and Esper are upgraded to their latest versions.

For additional documentation, downloads, and more, visit the RSA Security Analytics" data-type="space page on RSA Link.

EOPS Policy:

RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle​ for additional details.