IT Central Station is now PeerSpot: Here's why

RSA NetWitness Logs and Packets (RSA SIEM) Room for Improvement

Mahesh Suryawanshi - PeerSpot reviewer
Program Manager at EGYANAM TECH

We are designing reports and automated rules and processes. We are defining them in relation to this product. With the help of automated rules and processes, this product will help the team when they go to production to do operations smoothly, as, most of the time, what happens when you put manual interference into such systems, it may be delayed. This can lead to vulnerabilities. Sometimes, if a hacker enters the system, he might only have a limited time where there is a window of access, however, in that time, he'll take what he can, and even if the vulnerability only lasted for a few minutes, in that time, items can get stolen. 

Therefore, there needs to be more proactively to avoid any downtime. We're adding automating tools to help RSA Netwitness so that if anything happens, RSA can immediately shut anything down. We're in the process of configuring them and adding them in.

The initial setup is complex. There are solutions that are easier to implement.

View full review »
IO
Solution Specialist- Data Protection at a tech services company with 11-50 employees

The reporting aspect could be improved. There are instances where you try to run the reports and then it does not give you the desired outcome. At times, it appears as if the reporting feature might be buggy.

You want to actually follow the trends and see how technology is advancing. I think they've done that with regard to security orchestration, automation, and response. However, I think that they could do better with the automation and response.

View full review »
MdZaman - PeerSpot reviewer
Deputy Manager at JTI (Japan Tobacco International)

The solution should have more integration capabilities with different platforms. The API is nearly open and scalable, so the solution can integrate with many platforms. The solution has more than 200 log sources in the scalability to support, but this is its limit. 

Installation is pretty easy. However, there are a couple of modules involved, so it is not as easy as it could be. We are talking about a distributed module, not a single-module type. This is what makes things a bit complex, instead of easier. I rate it as a seven out of ten on its installation and configuration capabilities.

View full review »
Buyer's Guide
RSA NetWitness Logs and Packets (RSA SIEM)
June 2022
Learn what your peers think about RSA NetWitness Logs and Packets (RSA SIEM). Get advice and tips from experienced pros sharing their opinions. Updated: June 2022.
610,812 professionals have used our research since 2012.
ST
Manager at a comms service provider with 10,001+ employees

RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms.

View full review »
Seakr Dg - PeerSpot reviewer
Security Operations Manager at a computer software company with 1,001-5,000 employees

The multi-tenant capabilities are lagging compared to IBM QRadar.

We want the OEM to support us when we add a partner. They have to come forward and be ready to give a POC to the customer. For example, if we are identifying any customer, and the customer wants to see the POC but at that time we do not have that resource to showcase the POC or the environment. At this time the OEM should come forward and showcase the POC to the customer. Once the customer is satisfied, we will be gaining the business, as a win-win situation.

View full review »
Rahul Patel - PeerSpot reviewer
Cyber security Lead at a manufacturing company with 1,001-5,000 employees

I believe they could improve their support, there are often delays. The price of the solution could be reduced, it's very costly. 

View full review »
AR
Associate Manager Human Resources at a financial services firm with 1,001-5,000 employees

More customizability is required, which is something that they need to improve on.

When it comes to starting a log event, there are not many options available. It is very limited.

The log and event correlation need improvement.

The threat detection capability should be enhanced.

View full review »
LB
Presales Manager at a tech services company with 51-200 employees

If we have the ability to run a dynamic analysis through malware in the same suite, it would be great to have a sandbox solution to analyze malware through dynamic analysis.

NetWitness has a malware appliance, but in terms of dynamic analysis, we need to integrate with 30 vendors. It would be great to have a sandbox produced by the RSA and the SSL appliance also.

View full review »
MT
Security Engineer/Architect at Telecom Italia

It is not so easy to customize this product.

This product would be improved with the addition of machine learning functionality.

View full review »
NB
Delivery Partner APAC and MEA at Tata Consultancy

An area for improvement would be better automation and more inbuilt use cases. In the next release, RSA should include an inbuilt migration framework that can do remediation.

View full review »
PR
Analyst at Microland Limited

Security needs improvement.

We would still like to know how the traffic is entering the organization. We can find out but it will take time before we know, leaving the organization vulnerable for attack.

There is no SIEM tool in the world that can provide 100% security.

View full review »
Buyer's Guide
RSA NetWitness Logs and Packets (RSA SIEM)
June 2022
Learn what your peers think about RSA NetWitness Logs and Packets (RSA SIEM). Get advice and tips from experienced pros sharing their opinions. Updated: June 2022.
610,812 professionals have used our research since 2012.