Incident Response by RSA
January 05, 2022
Incident Response by RSA
Score 10 out of 10
Vetted Review
Verified User
Overall Satisfaction with NetWitness Incident Response and Cyber Defense Services
Pros
- Able to investigate threats faster.
- Faster and more advanced treat detection.
- Analytics.
Cons
- Documentation.
- Parsing of logs.
- User interface.
- Splunk Enterprise Security (SIEM)
ES offers the single pane of glass for investigation and monitoring needs, however, to get everything onboarded can be daunting. The identiy and assets enrichment was not as straightforward and required a lot of manual work to make them work. For it to be optimized for full benefit, there is a layer of complexity that needs to be managed along the journey post deployment as well.
Comments
Please log in to join the conversation