RSA today announced a new solution designed to automate the identification, prioritization and resolution of enterprise security incidents and enabling CISOs to visualize and prioritize security threats while reducing the time-consuming investigation processes.
The somewhat generically named “RSA™ Solution for Security Incident Management,” is designed to enable security analysts to focus on the security risks most likely to impact business objectives with more complete information to manage the resolution of those incidents.
A plug-and-play integration framework streams incidents in real-time from RSA enVision® platform to the RSA Archer™ eGRC platform. Identified incidents are then prioritized against data loss, identity, vulnerability, configuration and forensics feeds from RSA and other vendor platforms, providing complete context of events and their impact to the organization. This first integration of real-time SIEM feeds into a flexible GRC business workflow provides out of the box templates, flexible workflows, alerts and role-based dashboards to efficiently manage the remediation of security incidents.
"When you're responding to a security incident, it's vitally important that you have as much information at your fingertips as possible – information about where the attack is coming from, the systems at which it is aimed, and most importantly, its potential impact on the business," said Jim Raub, Senior Director, Information Security and Compliance, PAETEC.
In addition to the RSA Incident Management solution, EMC announced a professional services assessment called the Target Capabilities Assessment for Security Information and Event Management. The new service is designed to help customers expand beyond log management and accelerate their business-focused SIEM and eGRC program design and execution.
"Our strategy is to bring together an integrated set of solutions and services into our overall strategy that will provide organizations with correlated, contextual and comprehensive view of their security landscape," said Dan Schiappa, Senior Vice President, Products, RSA, The Security Division of EMC. "By collecting what were once isolated technologies, inputs and feeds into an integrated set of views and workflows, security teams will gain new abilities to prioritize threats according to their business impact and manage risk and compliance issues in a real-time, consistent and repeatable way."
The RSA Solution for Security Incident Management will be generally available to customers this quarter. EMC Professional Services are generally available to customers now.