RSA Security has announced the acquisition of Fortscale Security, a behavioral analytics company.
RSA intends to improve the firm’s RSA NetWitness enterprise software through the inclusion of new user and entity behavioral analytics (UEBA) capabilities and a machine learning orchestration tool for automating threat response on enterprise networks, courtesy of Fortscale technologies.
The deal was revealed on Thursday. Financial details were not disclosed.
Israeli-founded Fortscale specializes in behavioral analytics for the enterprise. Based on machine learning systems and algorithms, the analytics solutions are designed to quickly pinpoint risks such as malicious traffic or odd insider behavior.
In turn, these systems aim to give enterprise players a boost in overall security and security staff the chance to hone in on threats without the labor of processing thousands of alerts.
RSA Security, based in Bedford, Mass., is an enterprise security firm which supports roughly 30,000 customers worldwide. The company has clients in the manufacturing, technology, telecoms, and financial sectors, among others.
According to RSA, Fortscale’s technologies will be harnessed to expand the NetWitness 11.1 platform in order to include UEBA capabilities.
The latest version of RSA NetWitness 11.1, also announced at the same time as the acquisition, will also support endpoint management and inventory scans, behavioral profiling, and log visibility based on dynamic parsing.
The introduction of Fortscale’s machine learning also allows the platform to suggest analyst assignments, enhance playbooks, and identify the best course of action for investigations into suspicious or risk-based alerts.
In addition to the upgraded platform, RSA has also introduced NetWitness UEBA and NetWitness Orchestrator, which are designed to “strengthen the evolved SIEM and threat defense platform, a revolutionary centerpiece of security operations teams.”
“Adding more security monitoring and prevention tools is a common response to the growing digital risk environment, but too often, the influx of data creates unattended alerts, overwhelming analysts,” said Michael Adler, Vice President of the RSA NetWitness Platform team. “The new UEBA and orchestration capabilities in RSA NetWitness Platform provide heightened visibility and analytics, allowing analysts to keep up with their SIEM data, investigate issues, and automate threat responses, all on a single integrated platform.”
RSA NetWitness Platform 11.1 and NetWitness UEBA are available now. RSA NetWitness Orchestrator will be available in late April.
The acquisition is subject to regulatory approval.