RSA Revolutionizes Situational Awareness, Providing Real-Time Visibility into The Most Complex Cyber Threats

RSA NetWitness Panorama™ Module Unifies Pervasive Network Monitoring and Log Data to Deliver Complete View of Potential Threats

RSA enVision® 4.1 SIEM Platform Improves Speed and Simplicity for Real-Time Queries and Reporting, Enabling Faster, More Granular Investigations of Events and Log Data

Black Hat, LAS VEGAS, Nev. - RSA, The Security Division of EMC (NYSE:EMC), today announced a revolutionary approach to situational awareness for information security with the launch of RSA NetWitness Panorama™ technology and enhancements to its RSA enVision® Security Information and Event Management (SIEM) platform. These improvements are designed to provide customers with the ability to better identify and combat today’s advanced threats.

RSA NetWitness Panorama, a new module in the RSA NetWitness family, delivers innovation in security analytics through the fusion of hundreds of log data sources with external threat intelligence. Combined with RSA NetWitness, enterprises can now have extraordinarily broad and robust high-speed visibility into the critical information needed to help detect today’s targeted, dynamic and stealthy attack techniques. RSA NetWitness Panorama may be deployed in three ways: as an extension to RSA NetWitness installations to combine the diverse information contained in log files with the deep content of full traffic capture, alongside RSA enVision for fast security analytics across the volumes of log data collected by RSA enVision, or as a standalone log analytics module with or without other 3rd party SIEM tools.

“Customers are wrestling with the need to use a variety of data sources both to demonstrate compliance and to combat advanced threats,” said Amit Yoran, Senior Vice President and General Manager, Security Management and Compliance Business, RSA, The Security Division of EMC. “Log management and SIEM technologies are important elements of incident and threat management processes, but have been constrained by a lack of a common lexicon, scalability, and the agility to adapt to the ever-changing threat landscape. Our enhancements to RSA enVision make it a more powerful tool for compliance reporting and also for analysis of log data as part of the security process. And, by providing native, cross-environment visibility and threat-informed analytics across log data and full packet capture, RSA NetWitness Panorama technology offers security teams an unprecedented view of organizational activity across even more of their IT infrastructure.”

RSA NetWitness Panorama Module Delivers Situational Awareness

RSA NetWitness Panorama technology is designed to apply a host of NetWitness innovations to make log data an active part of security operations. Those innovations are engineered to include:

- Interactive data-driven analysis of over 200 different enterprise log formats leveraging RSA enVision content definitions
- Award-winning, patented, drill-down analysis that works over network sessions and log data
- Mature threat intelligence combined with log data for better context of threats, automating a key part of the information sharing process around threats
- Data presented the way expert security analysts investigate advanced threats, enabling more insightful analysis
- Scalability and speed from the RSA NetWitness platform enabling fast, actionable log analytics
- High speed connector from RSA enVision to the RSA NetWitness Panorama module, enabling richer data feeds into RSA Netwitness Panorama in side-by-side deployments

The RSA NetWitness Panorama module can either consume syslog data directly or gain richer data via direct feeds from the RSA enVision SIEM platform to provide even greater context for investigations and incident response.

“Enterprises continue to struggle to achieve adequate visibility into a variety of advanced, targeted and layered threats that evade detection by traditional approaches to incident management,” said Lawrence Pingree, Research Director, Gartner. “Combating these attacks requires security teams to think differently about how they can achieve situational awareness. The ability to understand complete security context is significantly enhanced through the fusion of disparate security events in conjunction with protocol level visualization, and is an essential component to the efficiency of today’s security operations and incident response triage procedures.”

RSA enVision Enhancements Improve Speed of Investigations

Enhancements to the RSA enVision SIEM platform are designed to increase the speed and simplicity of ad-hoc queries against log data, while improving report management capabilities. Customers can now execute queries for investigation and incident response across large volumes of log data with up to 10X improvements in response time over the previous version. RSA enVision 4.1platform is also engineered to enable RSA enVision ES centralized deployments to be run as a fully virtual machine and offers virtual collectors for RSA enVision LS distributed deployments, making it simpler for customers to implement consistent security and compliance across physical and virtual infrastructures. The performance improvements of ad-hoc queries in the RSA enVision 4.1 platform help deliver the speed and flexibility critical for log-specific investigations and forensics.

RSA NetWitness Panorama is available in Beta Q3, 2011 and will be generally available in Q4, 2011. RSA enVision 4.1 will be generally available in Q3.

About RSA

RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world’s leading organizations succeed by solving their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing physical, virtual and cloud environments. For more information, please visit www.RSA.com and www.EMC.com.


RSA, EMC, enVision and Panorama are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries. All other company and product names may be trademarks of their respective owners.

This release contains “forward-looking statements” as defined under the Federal Securities Laws. Actual results could differ materially from those projected in the forward-looking statements as a result of certain risk factors, including but not limited to: (i) adverse changes in general economic or market conditions; (ii) delays or reductions in information technology spending; (iii) the relative and varying rates of product price and component cost declines and the volume and mixture of product and services revenues; (iv) competitive factors, including but not limited to pricing pressures and new product introductions; (v) component and product quality and availability; (vi) the transition to new products, the uncertainty of customer acceptance of new product offerings and rapid technological and market change; (vii) risks associated with managing the growth of our business, including risks associated with acquisitions and investments and the challenges and costs of integration, restructuring and achieving anticipated synergies; (viii) the ability to attract and retain highly qualified employees; (ix) insufficient, excess or obsolete inventory; (x) fluctuating currency exchange rates; (xi) threats and other disruptions to our secure data centers or networks; (xii) our ability to protect our proprietary technology; (xiii) war or acts of terrorism; and (xiv) other one-time events and other important factors disclosed previously and from time to time in the filings of EMC Corporation, the parent company of RSA, with the U.S. Securities and Exchange Commission. EMC and RSA disclaim any obligation to update any such forward-looking statements after the date of this release.