RSA Security Analytics Investigation
With its proven analytic functionality, RSA Security Analytics Investigation is the primary interactive analysis module for the security analyst. Investigation provides free-form contextual analysis on massive volumes of data exposed by the RSA Security Analytics infrastructure, enabling security analysts to perform automated and interactive analyses of complex security problems. Unlike other products, which display network and log traffic in the context of confusing nomenclature, Investigation uses the solution’s patented MetaData framework – a lexicon of nouns, verbs, and adjectives characteristic of the application layer content and context parsed by Security Analytics during reconstruction at the time of capture. Since the metadata from both packets and logs is normalized, a security analyst can focus on the problem instead of data interpretation.
With a customizable, browser-based interface, Investigation enables data analysis in unlimited dimensions for complete situational awareness. Using Investigation, analysts “remove the hay” until only the “needles” remain, quickly filter the data, and focus on generating new intelligence.