Skip to main content

RSA NetWitness

Download With Dependencies

RSA NetWitness Platform provides systems Logs, Network, and endpoint visibility for real-time collection, detection, and automated response with the Demisto Enterprise platform. Providing full session analysis, customers can extract critical data and effectively operate security operations automated playbook.

RSA NetWitness provides your security team with the visibility it needs to detect sophisticated threats to your system. It collects and analyzes data across all capture points and computing platforms enriching data with threat intelligence and business context.

What does this pack do?

  • Isolate/unisolate infected endpoints.
  • Get alerts triggered for a given host.
  • Retrieve the alerts that are associated with an incident.
  • List, update, remove incidents.
  • Get snapshots for a given host.
  • List all related file information from a specific endpoint server and downloading files.
  • Scan a host.

Pack Contributors:

  • Pierre Soler
  • Sébastien Guisnet

Contributions are welcome and appreciated. For more info, visit our Contribution Guide.




Cortex XSOARCortex XSIAM


CertificationRead more
Supported ByCortex
CreatedJanuary 27, 2021
Last ReleaseOctober 13, 2023

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.