NetWitness announced NetWitness XDR, a family of products and
capabilities delivering comprehensive detection and response on premise,
in the cloud or as a hybrid of the two. This new offering and product
architecture delivers the full range of deployment options enterprises
seek today to meet their unique cybersecurity needs and use cases.
NetWitness
XDR delivers a robust set of capabilities enabling extended detection
and response (XDR) and helping customers stay ahead of the most
sophisticated cyber threats. These include:
- Unified collection, data, and visibility across multiple security layers
- Automatic enrichment of data using any technical or business source
- A wide toolset of detection technologies including, but not limited to, advanced behavioral analysis
- External and internal threat intelligence to identify known security risks and threat actors
- Truly insightful context, visualization, and investigation tools
- Threat hunting tools and methodologies to identify previously unknown threats
- Highly repeatable and measurable incident investigation and response processes
- A strong array of both automated and human response options
"NetWitness
has enjoyed the trust of some of the world's most security sensitive
organizations because of its unique ability to monitor the entire attack
surface across the network, endpoint, cloud, IoT, logs and more," said
CEO of RSA and NetWitness, Rohit Ghai. "We have been delivering XDR
capability to the market for several years and today we are delighted to
announce new innovations in the platform and reintroduce it to the
market as NetWitness XDR."
Under
this new model, NetWitness XDR will be comprised of three main product
lines that showcase its uniquely powerful support for all XDR use cases.
NetWitness Platform XDR 12 is the newest major release of NetWitness
Platform. This technology stack, typically deployed as customer-managed
software or hosted by MSSPs, has been enhanced to focus on detection
capabilities that identify threats faster and decrease their impact. The
company's new cloud-native SaaS version will be known as NetWitness
Vision XDR and is currently in design preview. The third product line,
NetWitness XDR Cloud Services, is a set of optional SaaS applications
that take advantage of the cloud's inherent elastic nature to deliver
flexible and cost-effective components which can be used to augment
either Platform XDR or Vision XDR.
"Our
network-forward approach allows us to stand out in this emerging space
and highlights NetWitness XDR's ability to detect across customers'
growing number of systems and devices," said Director of Product
Management and Research, Kevin Bowers. "We are embracing the belief that
the best XDR must be consumable on prem, in the cloud, and hybrid."
Developed
initially in 1996, NetWitness began as a government-sponsored research
project to inspect network packets for cyberthreats and tools to detect
and respond to them. Since then, the technology has continuously evolved
and been innovated to tackle today's most complex attacks. NetWitness
now features fully integrated components for network, log, endpoint and
IoT detection and response that drive its threat intelligence and
security orchestration platform, NetWitness Orchestrator. With its long
history and global footprint, NetWitness XDR integrates directly with
the world's most critical and widely deployed tools, as well as many
specialized and industry-specific solutions.