• United States



EMC acquires NetWitness

Apr 04, 20112 mins
Data and Information Security

On the heels of a security breach that shook RSA’s customers, parent company EMC announces its acquisition of network security analysis vendor NetWitness.

In an email this morning, EMC said its acquisition of NetWitness closed Friday. NetWitness will now operate as a part of RSA, the security division of EMC.

The timing of this news is interesting, coming just a few weeks after RSA announced hackers penetrated RSA servers and stole information related to the company’s SecurID two-factor authentication products.

Gregg Keizer, my colleague over at Computerworld, wrote yesterday that the hack appears to be tied to an

exploited security hole in Adobe Flash Player.

Sign up today.

Get your morning news fix with the daily Salted Hash e-newsletter!

He wrote:

According to RSA, attackers gained access to its network by sending two small groups of employees e-mails with attached Excel spreadsheets. One of those employees opened the attachment, which was titled “2011 Recruitment plan.xls.”

The spreadsheet contained an embedded Flash file that exploited a “zero-day” vulnerability — a bug then unknown to Adobe, and thus unpatched — that allowed hackers to commandeer the employee’s PC.

From there, the attackers installed a customized variant of the Poison Ivy remote administration tool (RAT) on the compromised computer. Using the RAT, hackers harvested users’ credentials to access other machines within the RSA network, searched for and copied sensitive information, and then transferred the data to external servers they view of latest business threats. We created it for you! Bookmark it! Use it!

CSO’s Daily Dashboard gives you a

As for the NetWitness purchase, EMC had this to say in its press release:

“The intensity and sophistication of advanced adversaries and zero day malware challenge every organization to rethink traditional approaches to network security,” said Tom Heiser, President, RSA, The Security Division of EMC.”NetWitness has redefined the security landscape, providing a powerful solution for organizations seeking to gain immediate insight, precise clarity, and timely closure in the face of the toughest cyber threats. NetWitness’ unique network security analysis capabilities extend RSA’s solutions for managing security risk and compliance across both physical and virtual environments.”

NetWitness will become a core element of RSA’s Advanced Security Management Solutions, providing real-time visibility into network activity and adding efficiency to incident investigations and workflow.–Bill Brenner