TrustRadius
RSA enVision is security information and event management software from the security division of EMC.https://dudodiprj2sv7.cloudfront.net/product-logos/4M/z9/0FTRIKT7HTQ6.gifRSA NetWitness! What you need and more!We are using it as RSA Security Analytics (NetWitness) for our SIEM. We do log and packet collection and analysis and generate alerts and incidents that flow into RSA Archer Security Operations module. It is a major part of our information security program, and [we] depend on it for managing DLP incidents, Windows event logging and alerting. Our goal is automation, so we automate as much as we can, since we have limited resources, and do not have a 24/7 SOC.,Log collection and parsing. Packet collection and parsing. Enhanched analytics and alerting. Robust integration.,Lacking out of the box best practice templates etc. It relies heavily on customization. Lack of up to date threat feeds. Difficult to learn and use initially.,7,Hard to calculate ROI since it is not revenue based. It is a expensive solution, bit very capable.,
Unspecified
RSA enVision
3 Ratings
Score 6.5 out of 101
TRScore

RSA enVision Reviews

RSA enVision
3 Ratings
Score 6.5 out of 101
Show Filters 
Hide Filters 
Filter 3 vetted RSA enVision reviews and ratings
Clear all filters
Overall Rating
Reviewer's Company Size
Last Updated
By Topic
Industry
Department
Experience
Job Type
Role
Reviews (1-1 of 1)
  Vendors can't alter or remove reviews. Here's why.
No photo available
April 17, 2017

RSA enVision Review: "RSA NetWitness! What you need and more!"

Score 7 out of 10
Vetted Review
Verified User
Review Source
We are using it as RSA Security Analytics (NetWitness) for our SIEM. We do log and packet collection and analysis and generate alerts and incidents that flow into RSA Archer Security Operations module. It is a major part of our information security program, and [we] depend on it for managing DLP incidents, Windows event logging and alerting. Our goal is automation, so we automate as much as we can, since we have limited resources, and do not have a 24/7 SOC.
  • Log collection and parsing.
  • Packet collection and parsing.
  • Enhanched analytics and alerting.
  • Robust integration.
  • Lacking out of the box best practice templates etc. It relies heavily on customization.
  • Lack of up to date threat feeds.
  • Difficult to learn and use initially.
It is really a robust platform that can be heavily customized to suit requirements. Good for advanced hunting and forensics. Robust automation features.
Read this authenticated review

RSA enVision Scorecard Summary

Feature Scorecard Summary

Centralized event and log data collection (1)
8
Correlation (1)
10
Event and log normalization (1)
8
Deployment flexibility (1)
10
Integration with Identity and Access Management Tools (1)
7
Custom dashboards and views (1)
6
Host and network-based intrusion detection (1)
4

About RSA enVision

RSA enVision is security information and event management software from the security division of EMC.

RSA enVision Technical Details

Operating Systems: Unspecified
Mobile Application:No