Paul Roberts Security Ledger and Amy Blackshaw, RSA

Video: How Automation and Machine Learning Power Future of SIEM

In this interview with The Security Ledger, Amy Blackshaw of RSA talks about how the company’s RSA Netwitness SIEM product is evolving to keep pace with a fast -evolving security market. Job 1: use machine learning and automation to allow customers to make the best use of their human resources. 

If you want to understand the challenges facing IT security professionals these days, just stand on the trade show floor at a security industry event like the RSA Conference in San Francisco or, more recently, the Black Hat Briefings in Las Vegas.

The din of trade show booth barkers, live demonstrations and attendees is overwhelming.  They are a sea of signs and banners – all offering variations on the same promises: faster, more accurate threat detection. Advanced attack prevention. Push button simplicity. Low cost.

Paul Roberts Security Ledger and Amy Blackshaw, RSA
Paul Roberts of Security Ledger interviews Amy Blackshaw of RSA at The 2018 Black Hat Briefings.

“I can’t imagine being a buyer of security,” Amy Blackshaw, the Director of Product Marketing at RSA told me from the trade show floor at Black Hat recently. “All the talk is about finding threats faster,” she noted. “But the specifics of technical differentiation doesn’t bubble up to the marketing materials.” That makes it hard for would be buyers of technology to understand the benefits of one technology or approach to their organization versus another.

[See also: Episode 107: What’s Hot at Black Hat & does DHS need its new Risk Management Center?]

The result, too often, is that scarce information security dollars get spent on the wrong technologies solving the right problems, or the right technologies solving the wrong problems.

How does a venerable, 30 year old brand like RSA compete in such a crowded and noisy market? In this exclusive video interview recorded at Black Hat, Blackshaw and I talk about RSA’s evolving mission, from digital signatures and identity to – today- managing digital risk, broadly defined.

Much of RSA’s evolution as a security vendor can be seen in the evolution of one of its most important products: the RSA NetWitness security information and event management (SIEM) platform that, today, comprises features including log management and analysis, network detection and forensics, user entity and behavior analytics (UEBA), endpoint detection and response and – increasingly – security orchestration and automation features.

The shift to the cloud has meant that RSA Netwitness now needs to work seamlessly across on premises and hosted environments. At the same time, a premium on security talent such as SOC analysts, incident responders, reverse engineers and other professionals means that RSA has had to focus on automation to remove repetitive or mundane tasks with RSA Netwitness, Blackshaw said. “The benefit is all about driving efficiencies,” she said.

You can check out our conversation from Black Hat (above) or visit RSA’s YouTube page for more.


  1. Pingback: How Digital Transformation is forcing GRC to evolve | The Security Ledger

  2. That’s a good article to learn many things great. Thanks for this.