RSA NetWitness provides your security team with the visibility it needs to detect sophisticated threats to your system. It collects and analyzes data across all capture points and computing platforms enriching data with threat intelligence and business context.
What does this pack do?
- Isolate/unisolate infected endpoints.
- Get alerts triggered for a given host.
- Retrieve the alerts that are associated with an incident.
- List, update, remove incidents.
- Get snapshots for a given host.
- List all related file information from a specific endpoint server and downloading files.
- Scan a host.