Top Rated NetWitness Platform Alternatives
1) Easy to use
2) Secure
3) Using RSA you can use your application any where in the word.
4) It has feature to configure at both ANdroid & iOs
5) Good security feature when using specially banking application
6) Access simplifies authentication and credential management, helping to reduce IT support costs. With a conditional-access and risk-based approach, it ensures users are who they say they are and provides the right level of access from any device, across cloud and on-premises applications.
7) Two-Factor Authentication
The RSA token is a physical ‘pen’ that generates a random code every 60 seconds. This code is used, along with the RSA PIN number that you choose, in order to gain authentication for access to an account or server. The RSA token offers a two-factor authentication process that consists of:
‘Something you know’ – A four digit, memorised PIN number.
‘Something you have’ – The physical token, which generates a 6 or 8 digit code every 60 seconds.
8) it does greatly enhance login security. It’s useful for anyone who wants to use two-factor authentication.
9) Deliver convenient, secure access to your extended enterprise with RSA SecurID Access, the leading multi-factor authentication and identity assurance solution. Whether you deploy it as a service in the cloud or on premises, RSA SecurID Access protects both SaaS applications and traditional enterprise resources with a full range of authentication methods and dynamic, risk-driven access policies. Review collected by and hosted on G2.com.
1) Stolen Seeds?
Every RSA SecurID has a unique 128 bit key hardware coded into it, a 128 bit number is very long number, so it’s very hard to brute-force/guess what it is. This key is often referred to as the seed. RSA keep a copy of the seed unless the customer specifically tells them to remove it, RSA’s storage of SecurID seeds is what is suspected to have been compromised. Each SecurID issued to a customer is associated with a customer based RSA SecurID Server, which stores the seed number. The seed is in essence a private key which must be kept secret, even from the user, and is used to generate the challenge response number on the SecurID token, and is used to match it up on SecurID Server.
In simple terms, if an attacker were to know which SecurID token you had, based on the serial number on the back or from the customer site database; and assuming the attacker had the stolen RSA database of serial numbers and seed numbers, the attacker could generate the SecurID number without having possession of SecurID token, which defeats the purpose of two factor authentication.
2) However they are many factors and ‘ifs’ in play, assuming the attacker had the full RSA SecurID database in their possession, to be fully successful the attacker would need to obtain the username, password, remote gateway details and SecurID serial number. Most of this information would need to be collected from the user or from within the customer site. So phishing attacks, social engineering and network attacks are most likely ways to obtain such information, which is why RSA is providing warnings to be on the guard with such attacks. Review collected by and hosted on G2.com.
21 out of 22 Total Reviews for NetWitness Platform
Overall Review Sentiment for NetWitness Platform
Log in to view review sentiment.
As a user and part of security team in my company, the platform's ease of use and compact interface is a must on our daily monitoring. This alone is vital in part of investigation and response to any incidents that may arise. Based on my colleague, support team is also helpful and there are resources that is available to the community. Overall a great tool to assist on our job. Review collected by and hosted on G2.com.
It will take some time to get into the familiarity of navigating through the platform. This is not for an entry-level position, but learnings this tool will be a solid help in the future. Review collected by and hosted on G2.com.
Few weeks ago, I had an opportunity using the platform. And for what I have found out that its not so complicated after all. Review collected by and hosted on G2.com.
DIdnt find any as of this few weeks using it. Review collected by and hosted on G2.com.
1- The visibility RSA NetWitness packet (NDR) provides is brilliant.
2- Easy installation and deployment.
3- The scalability of deployment is very good.
4- The combination of NDR, EDR and Logs in the same interface.
5- Effective technical support. Review collected by and hosted on G2.com.
1- Documentation that is poor.
2- Integration with log sources is limited in comparison with other brands.
3- Building use cases is not easy, and poor built-in use cases.
4- Weak parsing of logs.
5- The user interface is not friendly enough.
6- Respond module requires significant enhancement. Review collected by and hosted on G2.com.
The response speed at GUI for Security Analysis and threat hunting purpose is the best part. Even to fetch the old data for any of the audit purposes it takes just seconds. Review collected by and hosted on G2.com.
I don't like the Hybrid component i.e Hybrid log decoder (Decoder+ Concentrator) as if in case we face problem in any of the component we have to face trouble with other as well. Better to prefer all the standalone component in RSA Netwitness. Review collected by and hosted on G2.com.
The investigation tab is helping me a lot during my investigation as it shows all the available meta keys in the logs, which makes it easier to notice suspicious artifacts. Review collected by and hosted on G2.com.
RSA Net witness needs enhancing in showing the details of the entire packet, for example (headers and body) Review collected by and hosted on G2.com.
Ability to find and decode base65 and hex.
Inbound SSL decryption.
The ability to run anywhere, physical hardware, cloud etc.
SOAR capabilities can be used to scale security operations. Review collected by and hosted on G2.com.
No cross platform SOAR compatibility.
Difficult to learn and use initially.
Setting up the solution is complex for first timers.
Integrating newer devices is a tough task. Review collected by and hosted on G2.com.
