According to Sam Curry, chief technology officer for identity and protection at RSA, the NetWitness Live service, which operates around the clock, aggregates relevant threat intelligence from more than 100 sources. Some of the new data sources include the RSA CyberCrime Intelligence service and the RSA eFraud Network, which are said to together aggregate fraud intelligence from 500 million networked devices and 250 million users worldwide. New third-party intelligence feeds include VeriSign Threat Indicators and Critical Intelligence. For malware analysis, NetWitness Spectrum Live gains feeds from Bit9 and ThreatGRID.
In addition, RSA -- which itself suffered a data breach in 2011 that it blamed on a unnamed "nation-state" out to steal information related to SecurID -- will also make a plea for more collaborative sharing of threat data.
RSA will demonstrate a cloud-based framework and proof-of-concept technology aimed at improving threat-information sharing and collaboration among organizations and outside experts. RSA is calling it an "experimental collaboration platform" that it hopes will "help companies with limited experience in advanced threats augment their capabilities, and will enable broader sharing of threat intelligence across the industry." According to Bret Hartman, RSA's chief technology officer, "We'd like others in the global security community to join us in exploring new methods, such as this type of framework, to share threat information on a much larger scale."
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security.
Read more about wide area network in Network World's Wide Area Network section.