RSA FirstWatch Advanced Threat Research and Intelligence



RSA FirstWatch is a research and analysis organization focused on emerging and sophisticated threats from around the globe.

Mission

The RSA FirstWatch mission is to provide RSA Security Analytics customers covert tactical and strategic threat intelligence on advanced threats and actors. The team focuses on threats that were previously unknown to the security community including malicious code and content analysis, threat research, ecosystem analysis, and profiling threat actors.

Experience

The team is made up of elite, highly trained threat research and intelligence experts with backgrounds in government, military, financial services, and information technology. With heritage dating back to the late 1990s, members focus on the threat ecosystem and profiling threat actors.

Scope

Tracking millions of IPs and domains and dozens of unique threat sources, RSA FirstWatch delivers situational awareness and threat intelligence from across RSA’s research and incident-response community, helping customers prepare for, respond to, and mitigate advanced cyber threats.

Results

RSA FirstWatch not only conducts world-class research, it operationalizes that research by converting it into threat feeds, rules, blacklists, parsers, and more via the RSA Live Intelligence System. RSA Live then fuses FirstWatch threat intelligence with your organization’s current and historical network and log event data.

Research

Read the latest intelligence on advanced threats, threat campaigns, and threat actors from the RSA FirstWatch research team.

White Papers

The VOHO Campaign: An In Depth Analysis

Blog

INTH3WILD: The Current State of Cyber Threats

Presentation

Link by Link: Crafting the Attribution Chain

Notes: