Expanded Coverage of Snort Rules
October 23, 2020
RSA NetWitness Platform 11.5 has expanded support for Snort rules (also known as signatures) that...
RSA NetWitness ESA / EPL Overview
October 22, 2020
In this video we cover some ESA EPL alerting basics and cover the EPL TryOut tool to help us...
RSA NetWitness - ESA Filtering
October 8, 2020
(view in My Videos) Notes below from the video presentation... Traditionally, ESA aggregation...
Domain Controller Takeover with Zerologon, from Compromise to Detection
September 30, 2020
Zerologon (CVE-2020-1472) is a vulnerability with a perfect CVSS score of 10/10 being used in the...
Enhanced Threat Intel support via STIX in NetWitness
September 28, 2020
RSA NetWitness has been supporting Structured Threat Information eXpression (STIX™) as it has been...
Business Context Feed: Taxonomy
September 25, 2020
A business what? A Business Context Feed is a feed that provides context about systems or data that...
Investigate 11.5 - Event Filters (Beta)
September 25, 2020
RSA NetWitness 11.5 introduces the ability to interactively filter events using the metadata...
Selective Network Data Collection
September 25, 2020
As of RSA NetWitness 11.5, configuring what network traffic your Decoders collect and to what...