RSA NetWitness Suite certified for US Department of Defense Information Network

RSA announced on Monday that RSA NetWitness Suite has been added to the United States Department of Defense Information Network (DoDIN) Approved Product List (APL).  

The RSA NetWitness Suite is an evolved SIEM that meets all joint interoperability requirements in accordance with the unified capabilities requirements.  To receive this certification, products undergo rigorous testing to determine compliance with the DoD security functional requirements and security best practices.

Due to the DoD’s extensive testing criteria, agencies often look to the DoDIN APL when considering SIEM solutions for their short list.  Currently, the RSA NetWitness Suite is the only evolved SIEM providing visibility and threat detection across logs and network data in a single unified platform currently on the list.

The DoDIN APL approval of the RSA NetWitness Suite Rel. 10.6.3 TN 1628501 as an Intrusion Detection and Protection System (IPS/IDS) document is posted on the DoDIN APL site.

Elements of the RSA NetWitness Suite that are added to the APL include RSA NetWitness Logs & Packets designed to improve visibility by delivering advanced threat analytics across environments — on-premises, virtualized infrastructure, or in the cloud on Amazon Web Services (AWS) and Microsoft Azure.

The RSA NetWitness Suite is engineered to immediately identify high risk security threats, optimize security processes to reduce attacker dwell time, and prioritize the threats that matter most for rapid response. The RSA NetWitness Suite is an evolved SIEM designed to bring together log, network packet and endpoint data with business insights and threat intelligence into one, non-siloed analytics engine to find attacks that could otherwise go undetected.

The end-to-end visibility and use of correlated metadata within a single platform to detect and respond across logs, packets, and NetFlow distinguishes RSA NetWitness Suite from other solutions in the market. RSA NetWitness Suite is designed to leverage machine learning techniques to look for anomalous behaviors that, in turn, can be used to identify threats.

For example, the Command & Control for logs and packets detection capability helps identify connections to malicious servers as well as identify nation state threat actor activity. The features leveraged involve traffic patterns and attributes for the domain to which a connection is being made, to deliver information regarding the full scope of the attack. It is these advanced threat detection and forensic capabilities that organizations which are constantly under fire with cyber threats can depend on to remain vigilant and help protect their citizens’ data.

“Today’s announcement is another proof point that demonstrates the RSA NetWitness Suite is ready to help security teams in some of the most mission critical and highly targeted environments. For years, governmental and military institutions around the world have depended on the RSA NetWitness Suite to protect them, their mission and ultimately their citizens.” said Mike Adler, vice president of product, RSA NetWitness Suite. “The Department of Defense Joint Interoperability Test Command (JITC) put the Suite through a rigorous testing process and we’re proud to have passed and been added to the exclusive Approved Product List”

Leave a Reply

WWPI – Covering the best in IT since 1980