We just raised a $30M Series A: Read our story

RSA NetWitness Logs and Packets (RSA SIEM) Valuable Features

Program Manager at EGYANAM TECH

We have not evaluated this tool. It is evaluated by the client's company directly. That said, I have found it has good threat intel insights, comparatively speaking. 

From the client-side, there are economical kinds of features.  It's quite economical compared to other solutions in the market. 

The solution is scalable. 

The technical support is very good.

View full review »
Senior Cyber Security Specialist at a computer software company with 10,001+ employees

The most valuable features are the packet decoder, log decoder, and concentrator. The packet decoder is capable of collecting the flow, whereas the log decoder is capable of collecting the event. NetWitness offers a hybrid solution that collects both and also uses the concentrator.

View full review »
VG
IT Security Head with 1,001-5,000 employees

The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it. With some other solutions, creating custom connectors is very costly.

The dashboard is very simple to use.

View full review »
Learn what your peers think about RSA NetWitness Logs and Packets (RSA SIEM). Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
554,529 professionals have used our research since 2012.
MA
IT and Cybersecurity Professional at a financial services firm

The most valuable features are the threat prediction and network forensics. For example, if there is any malware on the network, I am able to see who received it and who clicked on it. I like this functionality the most.

The deployment of the appliance is easy, where even a non-technical person can configure it.

View full review »
IO
Solution Specialist- Data Protection at a tech services company with 11-50 employees

The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs. So, the capture packet also gives you specific insight into what's going on in the network, and it makes your trace investigation much more comprehensive.

The user interface is fine.

View full review »
MA
Information Securuty Analyst at a tech services company with 11-50 employees

Performance and reporting are very good. 

View full review »
Security Operations Manager at a computer software company with 1,001-5,000 employees

The newer 11.5 version that my team is using has found it to have good mapping.

View full review »
RSA Specialist at a computer software company with 1,001-5,000 employees

The most valuable features are the integration and ease of use. It is a pretty simple platform that can integrate very well with our system.

View full review »
Cyber security Lead at a manufacturing company with 1,001-5,000 employees

The wireless feature is good, it tells you when to check a spot, which file it has used to encrypt, whether it is spreading and how many hosts have been infected. It's about data analysis. Looking at the network logs, it's difficult to figure out where the problem is coming from and where it's going, but those kinds of features help me a lot. The solution provides lots of automatic rules which is helpful. Technically speaking, this is a good product. 

View full review »
AR
Associate Manager Human Resources at a financial services firm with 1,001-5,000 employees

The most valuable features are the packet inspection and the automated incident response.

View full review »
MT
Security Engineer/Architect at Telecom Italia

The most valuable feature is the security that it provides.

The log-related capabilities are good.

It integrates well with other risk-assessment tools.

View full review »
PR
Analyst at Microland Limited

What we are mainly using are the RSA Concentrator, RSA Decoder, Archiver, Broker, and Log Decoder.

View full review »
Learn what your peers think about RSA NetWitness Logs and Packets (RSA SIEM). Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
554,529 professionals have used our research since 2012.