Open Access to Your RSA NetWitness Network Data
May 3, 2019
Strides have been made in RSA NetWitness Platform v11.2 to provide an administrator alternatives to...
Customizing Respond Incident Notification Emails
May 2, 2019
One of the more common requests and "how do I" questions I've heard in recent months centers around...
RSA NetWitness Platform Newsletter, May 2019, Issue #2
May 1, 2019
Hi Everyone, We're excited to share our second issue of the RSA NetWitness Platform newsletter with...
Examining Threat Aware Authentication in v11.3
April 29, 2019
One of the features included in the RSA NetWitness 11.3 release is something called Threat Aware...
What's on your wire: ScreenConnect/ConnectWise
April 25, 2019
With the recent news about ScreenConnect used in data breaches, I had the opportunity to examine...
RSA NetWitness Platform Troubleshooting Space
April 24, 2019
There is a new space available on RSA Link: Troubleshooting the RSA NetWitness® Platform The...
Scheduled and Ad-Hoc ESA Alerts
April 23, 2019
Quite frequently when testing ESA alerts and output options / templates, I have wanted the ability...
Detecting DNS Tunnel Activity in RSA NetWitness
April 22, 2019
Introduction There are many, many ways to exfiltrate data from a network, but one common way to do...
Understanding and Creating RSA NetWitness Endpoint Alerts in v11.3
April 21, 2019
The complete overhaul of NW-Endpoint 4.4 into NW-Endpoint 11.3 includes (among many changes) a...
Detecting Lateral Movement in RSA NetWitness: Smbexec
April 17, 2019
Introduction Lateral movement is a technique that enables an adversary to access and control remote...