The RSA FirstWatch mission is to provide RSA Security Analytics customers covert tactical and strategic threat intelligence on advanced threats and actors. The team focuses on threats that were previously unknown to the security community including malicious code and content analysis, threat research, ecosystem analysis, and profiling threat actors.
The team is made up of elite, highly trained threat research and intelligence experts with backgrounds in government, military, financial services, and information technology. With heritage dating back to the late 1990s, members focus on the threat ecosystem and profiling threat actors.
Tracking millions of IPs and domains and dozens of unique threat sources, RSA FirstWatch delivers situational awareness and threat intelligence from across RSA’s research and incident-response community, helping customers prepare for, respond to, and mitigate advanced cyber threats.
RSA FirstWatch not only conducts world-class research, it operationalizes that research by converting it into threat feeds, rules, blacklists, parsers, and more via the RSA Live Intelligence System. RSA Live then fuses FirstWatch threat intelligence with your organization’s current and historical network and log event data.
Read the latest intelligence on advanced threats, threat campaigns, and threat actors from the RSA FirstWatch research team.
Stalking the Kill Chain
The VOHO Campaign: An In Depth Analysis
INTH3WILD: The Current State of Cyber Threats
Link by Link: Crafting the Attribution Chain