Partners

     

RSA

Strategy: Intelligence Driven Security

RSA, The Security Division of EMC, is the premier provider of intelligence-driven security solutions. RSA helps the world’s leading organizations solve their most complex and sensitive security challenges: managing organizational risk, safeguarding mobile access and collaboration, preventing online fraud, and defending against advanced threats. RSA delivers agile controls for identity assurance, fraud detection, and data protection; robust Security Analytics and industry-leading GRC capabilities; and expert consulting and advisory services.

To prevent inevitable breaches from causing damage or loss, Intelligence Driven Security delivers three essential capabilities: visibility, analysis, and action.

Visibility

To design optimal defense strategies and prioritize activities, organizations need more visibility into risk. This includes network and endpoint visibility, which must go from today’s limited emphasis on logs and events down to the packet and session level in order to spot faint signals that indicate advanced threats. Digital identities are also key; organizations need to understand who and what are on their networks, what they are doing, and whether that behavior is appropriate. Finally, enterprises need transaction visibility: an understanding of what’s happening inside key applications.

Analysis

Analysis involves understanding normal state behavior and then looking for anomalies. By knowing what is “normal,” an organization can spot, investigate, and root out abnormalities that result from malicious activity. Once an anomaly is discovered, contextual analysis determines the appropriate response.

Action

Action is the response to confirmed malicious anomalies. Rapid action allows organizations to mitigate potential threats by enforcing such controls as access restrictions or additional authentication. Action also includes remediation processes and activity. The key to success is consistency, so that each time an analysis finds something potentially threatening the organization can “operationalize” the response.

X