NetWitness Platform Primary Use Case
We use the solution for incident management. We are working on making the incident workflow smarter. So, the solution helps us there.
Generally, we use the solution for network forensics. It allows us to do visual data detection and prevention.
Raul Rawat
Senior consultant Cybersecurity
It's a log management solution where we have logs from different sources, like network devices, firewalls, load balancers, IT, application servers, and database servers. We also use it for compliance and governance. Our cyber security team uses it to monitor malicious activity across our IT infrastructure.
Buyer's Guide
NetWitness Platform
April 2024
Learn what your peers think about NetWitness Platform. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
769,065 professionals have used our research since 2012.
Rahul Patel
Cyber security Lead at a manufacturing company with 1,001-5,000 employees
The RSA Netwitness packet plays a major role in identifying cyber attacks from different sources. We integrated in a very large environment, deploying it in a container corporation in India. The company has around 86 locations across the country. Another use case of RSA is for running full scans and the third use case is for blocking malware and viruses. Nowadays, people hide behind encaptured networks and use proxies to look through the door. Then they'll try to come in.
reviewer2256927
Head of Information Security, Cyber Defense and IT Risk Management at HCT. at a transportation company with 201-500 employees
It is an SIEM solution used regularly as a part of the SOC to collect data from all the security environments in my company.
We have been using the RSA SIEM with the NetWitness Platform for a long time.
reviewer1486083
Manager at a comms service provider with 10,001+ employees
RSA NetWitness Logs and Packets are used exclusively for monitoring scenarios, insider threat analysis, and log retention.
We provide NetWitness along with Archer, and multiple sites. We are managing their security operations using this other station and Archer. A collector can work in two different ways. It can collect the logs, and it can aggregate the traffic tools from different net flow logs. When I say "logs," I mean a log collector and when I say "packet," that means the packet or log connector.
The primary use case for the NetWitness Platform is within large companies, particularly in their internal security operation centers (SOCs). They utilize the platform for block collections from the entire company, including subsidiaries, enabling comprehensive security monitoring and analysis. It supports functions such as collections and correlation. Additionally, some licenses may include XDR capabilities. NetWitness stood out for many customers as it was one of the first solutions to collect blocks from endpoints, networks, and logs simultaneously, providing a unified view of security events.
reviewer1130436
Information Technology Security and Infrastructure Expert at a government with 201-500 employees
I use the solution in my company for packets mainly and log analytics.
reviewer1417383
Presales Manager at a tech services company with 51-200 employees
This solution is deployed on-premise.
Mahesh Suryawanshi
Program Manager at EGYANAM TECH
I'm primarily using the solution on my client's site.
This is a log event management tool. We are integrating this solution for the clients where it is required. Mostly we work with OEMs such as IBM, RSA, Splunk, and Micro Focus.
With the help of these tools, you can identify any attacks or phishing activity in your network. Most of the time you are able to identify these types of attacks or activity on your firewall. When the firewall will notify the SIEM tools, it will identify which needs to be acted on immediately - unlike when you are using automation tools. With the help of automated tools, you can block those suspicious IPs or you can hand it over back to your security analyst or analyst team to take action ASAP.
Our solution is utilized by customers to monitor security alerts by ingesting logs from all their assets.
They create correlation rules to identify any potential breaches or hacking attempts and receive notifications through the dashboard.
Customers can use additional features to investigate the incident and take the necessary actions.
Seakr Dg
Security Operations Manager at a computer software company with 1,001-5,000 employees
We have two customers using this solution and one of them is a banking business. We are collecting some of the security log sources. In the main use case, we are correlating rules and we are using the endpoint detection capabilities. We are utilizing RSA NetWitness Logs and Packets to have more insights on an endpoint level.
reviewer1372137
IT and Cybersecurity Professional at a financial services firm
Our primary use case is real-time threat prediction so that we can minimize the person-hours of IT security analysts.
Nilesh Bhate
Delivery Partner APAC and MEA at Tata Consultancy
Primarily, I use this solution to integrate with applications and systems like firewalls and routers. For example, if somebody is trying to log on from two different locations simultaneously, we can catch that.
Maurizio Testa
Security Engineer/Architect at Telecom Italia
We are a solution provider and RSA NetWitness is one of the products that we implement for our clients. We also use it ourselves. They primarily use it for threat protection.
Hubert Luberek
Information Technology Security Architect at a financial services firm with 5,001-10,000 employees
We use the on-premise deployment model of this solution. Our primary use case of this solution is for malware detection and for reconstruction during the incident and forensic analysis.
RamneshDubey
Senior Cyber Security Specialist at a tech vendor with 10,001+ employees
We are a service providing company and this is one of the products that we implement for our clients. The RSA NetWitness Logs and Packets solution is used for Event Stream Analysis (ESA), and we implement use cases based on our customers' needs. For example, suppose the security device is a Palo Alto device, then at the policy level, we implement the use cases. These might be things like phishing attacks or a botnet. Most companies follow the GDPR regulations for compliance.
We have RSA NetWitness implemented in virtual appliances.
AdrianMache
RSA Specialist at a computer software company with 1,001-5,000 employees
Our customers are enterprise-level businesses.
reviewer1442106
Associate Manager Human Resources at a financial services firm with 1,001-5,000 employees
We are using this solution for security.
VishalGilatar
IT Security Head with 1,001-5,000 employees
The RSA NetWitness Logs and Packets solution was set up as part of the SOC. It is set up on two sides. One is for the Data Center (DC) side, and the other is for the Disaster Recovery (DR) side.
Maor Hojberg
Team Leader & Head of MSSP at We Ankor
We are no longer using this solution; however, it was used mostly for network monitoring.
Pasupuelepi Ram
Analyst at Microland Limited
reviewer1308300
Information Security Analyst at a tech services company with 11-50 employees
I am currently working in a security operations center and RSA NetWitness Log and Packets is part of our security solution. We use it for log management and anomaly identification. It is used for compliance as well because it has a log archiving capability that will span at least a couple of years.
We are also using it to facilitate monitoring and research.
reviewer1591461
Solution Specialist at a tech services company with 11-50 employees
The customer that we work with uses it to gather logs from all the devices in their enterprise so that they have that single point of visibility into trace information in the environment.
SrManagee3c6
Sr Manager InfoSecurity at a healthcare company with 10,001+ employees
We don't have a primary use case. There are many use cases that we have defined based on business needs.
Allan Vargas
IT security specialist at a comms service provider with 201-500 employees
Our primary use case is for the administration of the internal network.
Allan Vargas
IT security specialist at a comms service provider with 201-500 employees
Our primary use case is for detecting or monitoring the process that we use in devices, servers, or databases.
Maor Hojberg
Team Leader & Head of MSSP at We Ankor
We use it as a network tool to alert any anomalies on the network.