Incident Response by RSA
January 05, 2022

Incident Response by RSA

Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Overall Satisfaction with NetWitness Incident Response and Cyber Defense Services

  • Able to investigate threats faster.
  • Faster and more advanced treat detection.
  • Analytics.
  • Documentation.
  • Parsing of logs.
  • User interface.
ES offers the single pane of glass for investigation and monitoring needs, however, to get everything onboarded can be daunting. The identiy and assets enrichment was not as straightforward and required a lot of manual work to make them work. For it to be optimized for full benefit, there is a layer of complexity that needs to be managed along the journey post deployment as well.
The response speed of GUI for our security folks and threat hunting purpose was the most important portion to recommend if required. Fetching old data for any purposes including audit, takes just seconds, which is awesome. The investigation tab shows all available meta keys in the logs as well, which makes it easier to notice any suspicious artifacts.