2018-11-06T13:08:00Z

What is your primary use case for RSA NetWitness Logs and Packets (RSA SIEM)?


How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Guest
1010 Answers

author avatar
Top 10Real User

I am currently working in a security operations center and RSA NetWitness Log and Packets is part of our security solution. We use it for log management and anomaly identification. It is used for compliance as well because it has a log archiving capability that will span at least a couple of years. We are also using it to facilitate monitoring and research.

2020-03-19T13:00:53Z
author avatar
Top 5LeaderboardReal User

The RSA NetWitness Logs and Packets solution was set up as part of the SOC. It is set up on two sides. One is for the Data Center (DC) side, and the other is for the Disaster Recovery (DR) side.

2020-01-19T06:38:00Z
author avatar
Top 5Real User

Our customers are enterprise-level businesses.

2020-01-12T07:22:00Z
author avatar
Real User

We are a service providing company and this is one of the products that we implement for our clients. The RSA NetWitness Logs and Packets solution is used for Event Stream Analysis (ESA), and we implement use cases based on our customers' needs. For example, suppose the security device is a Palo Alto device then at the policy level, we implement the use cases. These might be things like phishing attacks or a botnet. Most companies follow the GDPR regulations for compliance. We have RSA NetWitness implemented in virtual appliances.

2020-01-09T06:15:00Z
author avatar
Top 5Real User

We use the on-premise deployment model of this solution. Our primary use case of this solution is for malware detection and for reconstruction during the incident and forensic analysis.

2019-08-25T05:17:00Z
author avatar
Real User

We are no longer using this solution, however, it was used mostly for network monitoring.

2019-05-22T07:18:00Z
author avatar
Real User

We don't have a primary use case. There are many use cases that we have defined based on business needs.

2019-03-11T07:21:00Z
author avatar
Top 5Real User

Our primary use case is for the administration of the internal network.

2019-02-11T08:11:00Z
author avatar
Top 5Real User

Our primary use case is for detecting or monitoring the process that we use in devices, servers, or databases.

2018-12-25T09:42:00Z
author avatar
Real User

We use it as a network tool to alert any anomalies on the network.

2018-11-06T13:08:00Z
Learn what your peers think about RSA NetWitness Logs and Packets (RSA SIEM). Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
442,764 professionals have used our research since 2012.