Security Experts:

Connect with us

Hi, what are you looking for?


Malware & Threats

RSA Security Analytics Uses Big Data To Catch More Threats

RSA, The Security Division of EMC on Wednesday launched RSA Security Analytics, a new unified platform that the company hopes will be the cornerstone of next generation security operations centers.

RSA, The Security Division of EMC on Wednesday launched RSA Security Analytics, a new unified platform that the company hopes will be the cornerstone of next generation security operations centers.

According to the company, the platform is designed to leverage the power of Big Data to provide visibility and context in order to help identify and defend against advanced threats.

RSA Security Analytics is built on the architecture of RSA NetWitness, technology the company gained as a result of its 2011 acquisition of NetWitness. RSA Security Analytics fuses SIEM, Network Forensics, & Big Data analytics, the company said. 

RSA Bets on Big Data

The move to integrate big data into its latest security analytics offering is hardly surprising. Earlier this month, the veteran security firm shared its thoughts on Big Data’s place in the security world, saying it would transform IT security as the industry shifts towards intelligence-driven security models.

“Organizations will shift to using big data analytics within the next few years to intelligently assess threats and risks and make better security decisions,” RSA said in a security brief released Jan. 17. The intelligence gleaned from unstructured data will allow enterprises to drive major changes in conventional security controls such as anti-malware, data loss prevention, and firewalls, RSA said at the time.

RSA claims that current security technologies, including SIEM tools, cannot provide deep enough visibility into today’s threats, and often cannot scale to today’s analytic needs.

The integration of Big Data platforms and analytics into security tools gives a significant advancement to how security is performed, RSA said.

RSA Security Analytics Screenshot

According to the company, RSA Security Analytics is designed to deliver:

Quick Capture and Analysis – Security-relevant data, including full network packets, logs, and threat intelligence, are captured and quickly analyzed to speed up the detection of potential threats.

High Powered Analytics – Enables much larger-scale collection of data and empowers new analysis methods over that of traditional SIEM-based approaches to security.

Integrated Threat Intelligence – Helps organizations operationalize the use of threat intelligence feeds to accelerate detection and investigations of potential attack tools and techniques targeting the enterprise.

Context for Threats – Through integrations with the RSA Archer GRC platform and RSA Data Loss Prevention (DLP) suite, and by fusing data produced by other products, analysts can use business context to prioritize and allocate resources to the threats which pose the greatest risk.

Malware Identification – Using a variety of investigative techniques, the solution identifies a much wider range of malware-based attacks.

Automates Compliance Reporting – Helps enable compliance as an outcome of good security practices.

RSA’s announcement of integrating Big Data into its security analytics platform came on the same day that IBM made a similar announcement. IBM, in an effort to help customers detect threats hidden within the massive amounts of data that reside within enterprise walls, on Wednesday announced “IBM Security Intelligence with Big Data”, an offering that combines security intelligence with big data analytics capabilities. 

“Marrying intelligence-driven security with Big Data analytics has the potential to help enterprises address the complex problem of advanced threats and thus meet a significant need in the marketplace,” Jon Oltsik, Senior Principal Analyst, Enterprise Strategy Group said in a statement.

RSA Security Analytics is available immediately worldwide as a software solution or as an appliance.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.


CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.


Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.