Channel investors, Channel partners, Content, Security Program Controls/Technologies, Endpoint/Device Security, Security Operations

SIEM: RSA Acquires Fortscale, Exabeam Reveals Bookings Growth

Share

RSA has announced plans to acquire Fortscale, a company that combines predictive big data analytics with advanced machine learning to help organizations identify cyber threats. Full financial terms of the acquisition were not disclosed.

With the acquisition, RSA has incorporated Fortscale's embedded user and entity behavioral analytics (UEBA) capabilities into its NetWitness Platform for security information and event management (SIEM), according to a prepared statement.

A Closer Look at the Fortscale Acquisition

Fortscale provides NetWitness users with the ability to automatically identify deviations from normal user behaviors, RSA indicated. That way, NetWitness users can leverage Fortscale's UEBA capabilities to identify and evaluate compromised credentials, data exfiltration and other advanced cyber threats.

Furthermore, NetWitness helps users address and overcome common problems associated with standalone SIEM solutions, RSA noted. It reduces the need for organizations to add big data experts to their security analyst teams and requires minimal customization and no manual tuning.

RSA Launches a New Version of NetWitness

RSA has launched NetWitness version 11.1, which includes Fortscale UEBA capabilities, NetWitness Endpoint Insights and dynamic log visibility.

NetWitness Endpoint Insights is an endpoint agent that works in combination with Microsoft Windows log forwarding and filtering capabilities to perform endpoint inventory scans and provide security insights, according to RSA.

Meanwhile, dynamic log visibility ensures NetWitness users can leverage "dynamic parsing" technology to parse log data sources and access security data, RSA said.

NetWitness 11.1 is now available.

RSA Introduces NetWitness Orchestrator

In addition to NetWitness 11.1, RSA has unveiled NetWitness Orchestrator powered by the Demisto automated incident response and security orchestration platform.

NetWitness Orchestrator empowers organizations to simultaneously modernize their security operations and reduce time to remediation, create consistent and audited incident management processes and increase security analyst productivity, RSA noted.

The platform combines incident management, interactive investigations and orchestration for security operations, according to RSA. It also uses machines learning to assess past security analyst interactions and investigations and help organizations find ways to bolster their security posture.

NetWitness Orchestrator is expected to be available later this month.

Meanwhile, Exabeam Records Bookings Growth in Q1 2018

RSA is taking steps to extend its reach in the global UEBA solutions market, and SIEM and UEBA solutions provider Exabeam looks poised to do the same.

Exabeam reported 205 percent year-over-year billings growth for its Security Intelligence Platform (SIP) in the first quarter of 2018, according to a prepared statement. The company also recorded a 150 percent increase in channel-generated bookings year over year.

SIP is an end-to-end security management and operations platform. It is currently used to monitor over 4 million employees worldwide, Exabeam stated.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.