SINGAPORE, July 22, 2015 /PRNewswire/ --
STORY HIGHLIGHTS
- RSA® ECAT is designed to enable active endpoint
defense against advanced threats by rapidly detecting and blocking
or quarantining suspicious files and processes without the need for
signatures
- Now is engineered to enable real-time visibility, detection,
and response on endpoints even while outside the corporate
network
- Newly introduced intelligent risk scoring system is built to
enable analysts to respond and take action based on highest
priority incidents
- New capabilities, when combined with RSA Security Analytics,
are designed to enable SOC teams to detect and respond to advanced
attacks more quickly and precisely by delivering complete
visibility across the entire enterprise - from the endpoint to
cloud.
RSA CONFERENCE ASIA PACIFIC
& JAPAN
RSA, The Security Division of EMC (NYSE: EMC), today announced,
the latest version of RSA® ECAT for advanced endpoint
threat and malware protection. RSA ECAT is designed to enable
analysts to quickly hunt down and block new malware missed by
existing tools by focusing on analyzing the behavior of every
process on the endpoint for suspicious indicators rather than
relying on traditional malware signatures. The new version of RSA
ECAT also helps allow analysts to block suspicious endpoint
activity across the enterprise whether the endpoints are on or off
the corporate network – reducing the opportunity for an attacker to
take advantage of off-network activity. Analyst response to
suspicious activity is also better prioritized by a newly
introduced intelligent risk scoring algorithm that is engineered to
leverage advanced machine-learning techniques to enable faster
detection and categorization of a wider range of malicious endpoint
behavior.
Cybercriminals are constantly developing new malware and
techniques to circumvent security and penetrate an
organization's network. The new enhancements to RSA ECAT are
designed not only to automatically detect these previously unknown
threats, but also will block or quarantine them, limiting the
ability of an attacker to avoid detection and increase their dwell
time in the network. This goes well beyond discovery of zero-day
attacks or targeted attack variants by harnessing the power of
memory analysis, which compares what happens in memory to what
happens on disk, to spot code injection, hooking and other advanced
techniques
Cybercriminals are also taking advantage of the fact that
endpoints are increasingly leveraging the public Internet and
disconnected from the corporate network. To address this
growing reality, RSA ECAT now is engineered to give enterprises the
option for security analysts to monitor and take action on
endpoints anywhere, anytime they are connected to the Internet.
Organizations are under constant attack, creating the potential
for chaos and breach as analysts struggle to track down and respond
to every alert, potentially missing the alert that signals the
greatest threat. To address the torrent of alerts that
endpoints can generate for analysts, RSA ECAT's new intelligent
risk scoring system helps allow organizations to quickly
understand, prioritize, and focus on the most important incidents
before they impact the enterprise.
RSA provides comprehensive visibility from the endpoint to the
cloud. By combining a thorough view of behavior on the endpoint
from RSA ECAT with the rich set of data from network packets and
logs in RSA® Security Analytics, analysts have the
ability to see and understand everything happening in their
environment and within seconds can investigate incidents down to
the most granular detail and take the most appropriate action.
The next version of RSA ECAT will be available in Q3 2015.
Executive Quote:
Grant Geyer, Senior Vice
President, Products, RSA
"Cyber criminals are becoming more creative when it comes to
developing new techniques to penetrate an organization's network.
If a network is infected by an unknown malware, relying on
signature-based tools like Anti-Virus solutions will leave you with
a false sense of security. When a network is at risk, analysts must
be able to detect the issue quickly, and rapidly understand the
type of attack along with the affected systems to understand the
extent of malicious activity at the endpoints. RSA ECAT complements
our network and cloud approaches to provide pervasive visibility
for faster threat detection and remediation."
Analyst Quote:
Christina Richmond, Program
Director, Security Services, IDC
"Senior security analysts often spend much of their day
responding to incidents that turn out to be less critical than they
originally appeared. This is the norm because they are limited in
their ability to determine the sophistication and scope of an
attack because of a lack of visibility into the behavior on their
endpoints. Endpoint detection and response tools, like RSA
ECAT, can help address this challenge by better enabling less
experienced team members to prioritize suspicious activity and
quickly triage alerts – enabling the entire staff to focus on the
most important alerts and reducing the case load on the most
experienced analysts."
ADDITIONAL RESOURCES:
- Learn more about the new features in RSA ECAT in this
video
- Check out the Rule your Endpoints eBook
- Connect with RSA via Twitter, Facebook, YouTube, LinkedIn and
the RSA Speaking of Security Blog and Podcast
About RSA
RSA's Intelligence Driven Security solutions help organizations
reduce the risks of operating in a digital world. Through
visibility, analysis, and action, RSA solutions give customers the
ability to detect, investigate and respond to advanced threats;
confirm and manage identities; and ultimately, help prevent IP
theft, fraud and cybercrime. For more information on RSA,
please visit www.rsa.com.
RSA and EMC are either registered trademarks or trademarks of
EMC Corporation in the United
States and/or other countries. All other company and product
names may be trademarks of their respective owners.
This release contains "forward-looking statements" as defined
under the Federal Securities Laws. Actual results could
differ materially from those projected in the forward-looking
statements as a result of certain risk factors, including but not
limited to: (i) adverse changes in general economic or market
conditions; (ii) delays or reductions in information technology
spending; (iii) the relative and varying rates of product price and
component cost declines and the volume and mixture of product and
services revenues; (iv) competitive factors, including but not
limited to pricing pressures and new product introductions; (v)
component and product quality and availability; (vi) fluctuations
in VMware, Inc.'s operating results and risks associated with
trading of VMware stock; (vii) the transition to new products, the
uncertainty of customer acceptance of new product offerings and
rapid technological and market change; (viii) risks associated with
managing the growth of our business, including risks associated
with acquisitions and investments and the challenges and costs of
integration, restructuring and achieving anticipated synergies;
(ix) the ability to attract and retain highly qualified employees;
(x) insufficient, excess or obsolete inventory; (xi) fluctuating
currency exchange rates; (xii) threats and other disruptions to our
secure data centers or networks; (xiii) our ability to protect our
proprietary technology; (xiv) war or acts of terrorism; and (xv)
other one-time events and other important factors disclosed
previously and from time to time in the filings of EMC Corporation,
the parent company of RSA, with the U.S. Securities and Exchange
Commission. EMC and RSA disclaim any obligation to update any
such forward-looking statements after the date of this release.
To view the original version on PR Newswire,
visit:http://www.prnewswire.com/news-releases/new-rsa-ecat-release-engineered-to-extend-ability-to-rapidly-detect-and-block-advanced-threats-on-endpoints-300116802.html
SOURCE RSA