Detecting Command and Control in RSA NetWitness: Cobalt Strike
May 28, 2019
Introduction Cobalt Strike is a threat emulation tool used by red teams and advanced persistent...
Detecting CVE-2019-0708 BlueKeep Remote Desktop Exploit
May 24, 2019
Summary A vulnerability exists within Remote Desktop Services and may be exploited by sending...
RSA NetWitness Endpoint 11.x vs 4.4 - Key Features/Differences
May 20, 2019
**UPDATE 09JUN2021** NW-Endpoint Quick Start NW-Endpoint 11.6 Agent Install Guide: Endpoint Agent...
Open Access to Your RSA NetWitness Network Data
May 3, 2019
Strides have been made in RSA NetWitness Platform v11.2 to provide an administrator alternatives to...
Customizing Respond Incident Notification Emails
May 2, 2019
One of the more common requests and "how do I" questions I've heard in recent months centers around...
RSA NetWitness Platform Newsletter, May 2019, Issue #2
May 1, 2019
Hi Everyone, We're excited to share our second issue of the RSA NetWitness Platform newsletter with...
Examining Threat Aware Authentication in v11.3
April 29, 2019
One of the features included in the RSA NetWitness 11.3 release is something called Threat Aware...
What's on your wire: ScreenConnect/ConnectWise
April 25, 2019
With the recent news about ScreenConnect used in data breaches, I had the opportunity to examine...
Detecting Command and Control in RSA NetWitness: Koadic
April 25, 2019
Attackers love to use readily available red team tools for various stages within their attack. They...
RSA NetWitness Platform Troubleshooting Space
April 24, 2019
There is a new space available on RSA Link: Troubleshooting the RSA NetWitness® Platform The...