• Content Bundles or Packs

    As part of the ongoing development of content to combat threats, RSA develops content bundles. These are grouped sets of content (rules, parsers, feeds) that can be deployed as a group from RSA Live. Deploying a...
    RSA Information Design and Development
    last modified by RSA Product Team
  • Known Threats Pack

        Many cyber threats have already been identified, and RSA NetWitness has been actively delivering content related to these identified threats. The content required to hunt these threats are in the form...
  • UEBA Essentials Content Pack

        The purpose of UEBA Essentials and user-hunting is to detect or bring focus to suspicious user and entity behavior to find potential insider threats, lateral movement by external attackers, or ge...
  • Hunting Pack

        The Hunting Pack is a set of content that derives indicators of compromise and anomalous events. Deploying this bundle will download all of the content and content dependencies of the Hunting Pack inc...
  • Remove Original IR Pack

        The Hunting Pack is designed to allow you to quickly hunt for indicators of compromise or anomalous network activity by dissecting packet traffic within RSA NetWitness Platform and populating specific...
  • Lateral Movement Content Pack

        Lateral movement is a part of the kill chain. After an attack has taken place, which allows entry into a company’s internal environment, lateral movement is the process of elevating credentials...