NETWORKING

  • 04/06/2011
    1:01 AM
  • Network Computing
  • News
  • Connect Directly
  • Rating: 
    0 votes
    +
    Vote up!
    -
    Vote down!

EMC Acquires NetWitness To Investigate Network Security Breaches

EMC on Monday announced the acquisition of NetWitness, a company whose technology monitors computer networks to detect and re-mediate security threats while also automating the process of investigating security incidents. NetWitness will operate as part of EMC's security business, RSA. Coincidentally, the acquisition closed on April 1, the same day RSA disclosed that its own systems were the target of a phishing attack. RSA categorized the event as an Advanced Persistent Threat (APT).
NetWitness is used by several Global 1000 companies in fields such as financial services, power and energy, telecommunications and retail as well as government agencies involved in defense, homeland security and law enforcement. According to EMC, security threats that NetWitness defends against include: insider threats; zero-day exploits and targeted malware; advanced persistent threats; fraud; espionage; and data leakage. NetWitness also provides continuous monitoring of critical security controls.

NetWitness is a well respected security analysis and visualization platform, according to Scott Crawford, managing research director at Enterprise Management Associates, an industry research firm. "It has become popular with investigative security professionals that value more than just insight into a more complete context of threat activity," Crawford wrote in a blog post Monday. "It has become a critical aspect of recognizing the extent to which any exploit can succeed."

Other companies competing with NetWitness include Solera Networks, Nicksun and AccessData and interest in them as acquisition targets should increase in the wake of the EMC/NetWitness deal, Crawford said in an interview.

RSA was forced to disclose a breach, which "resulted in certain information being extracted from RSA's systems," wrote Art Coviello, executive chairman of RSA, in a blog post Friday. The attack targeted RSA's SecureID two-factor authentication products, Coviello wrote.


Log in or Register to post comments