Out of Many Brands, One: A New Day for NetWitness

This post was published on the NetWitness blog on September 8, 2021. The original post, written by Ben Smith, Field CTO of NetWitness, can be found here.

One of the great things about being a brand among brands in a larger corporate family is you don't get swallowed up or otherwise overshadowed by the parent brand.

But there can be a downside as well: unintended brand confusion in the marketplace with your customers and prospects.

After all, when we here at NetWitness get questions like "Didn't you used to be part of EMC?" and "I thought you were a member of the Dell Technologies family" and "Weren't you part of RSA?"—and the answer to all three of these questions is "Yes!"—well, that clearly leaves us with some work to do in explaining our current growth iteration.

For the first time in more than a decade, our NetWitness brand is now operating as an independent, standalone business.

You can read about the long and storied quarter-century history of the NetWitness threat detection and response platform?elsewhere. Today, let's talk a little about?where we are as an organization, why we look the way we do, and how we are positioned to continue to succeed in the future.

NetWitness is now at the 1-year mark?operating as a standalone business?under our new corporate ownership, a consortium led by Symphony Technology Group (STG). Once that acquisition formally closed, an early decision by our new owners was to take the 4 RSA product-oriented lines of business (integrated risk management; authentication; omnichannel fraud prevention; and NetWitness' threat detection and response / XDR platform)—up until that point operating with shared resources and shared corporate messaging—and?put each of us on our own ship to chart our respective courses,?fully independent of one another.

Why make such a dramatic change in the past year, especially in the context of the broader public health crisis and its accompanying business challenges?

Our reorganization wasn't an example of a new corporate owner simply flexing its muscles to change things for the sake of change. This was, and is, a decision that makes sense in several areas for NetWitness: the brand, the platform, and the team:

1. An independent NetWitness has a much tighter solution focus on our own core offering. We've been talking about, and delivering, features and functions well beyond your typical SIEM platform for some time, characterizing ourselves as an?Evolved SIEM. The extended detection and response?(XDR) market is a natural extension of our ongoing messaging?about the centrality of the SOC, and real-world-informed tooling that respects the strengths and limitations of your human analysts protecting your organization.?We no longer need to shape our message to fit cleanly into the broader corporate messaging which encompassed 4 distinct product lines.?That contortion of our message arguably led to dilution of that message.
2. An independent NetWitness is more nimble in the face of an increasingly complex threat landscape. The attack surface continues to expand in highly public, and highly uncomfortable, ways. In many industries, the spring and summer of 2020 were dominated by the scramble of figuring how to take in-house staff and convert them into an effective, safe, and secure remote workforce. But even the best-positioned companies and agencies realized once those remote workers were in place, visibility into those relocated endpoints was not ideal. We were able to easily demonstrate how the combination of logs, network, endpoint, orchestration and automation, threat intelligence, and analytics can collectively provide that critical visibility, regardless of where your users are physically located.
3. An independent NetWitness eliminates brand confusion. The NetWitness brand is more than two decades old, with its own positive and well-earned reputation in the market - why not leverage that awareness by bringing the NetWitness name front and center in all our interactions? Why not bring everything we can to tell the story about how NetWitness has been defining the XDR market through our threat detection and response capabilities not just this year, but for more than five years now?

How do we know that the independent NetWitness is playing out as planned?

Here are some proof points which clearly demonstrate how?our independence has fueled an accelerated innovation path.?Not just key announcements, but actual deliveries of new products and new services—all since the beginning of our current fiscal year:

• We've introduced our very first cloud-native solution designed for the threat detection and response market: an advanced analytics and machine learning solution,?NetWitness Detect AI.
• For those customers who recognize the tremendous value of the visibility that NetWitness natively provides, but want to avoid on-premise deployments and ongoing administration of the platform, we introduced?NetWitness Cloud SIEM.
• Because visibility isn't just about logs, network traffic, and endpoint, we delivered a SaaS-native solution?NetWitness IoT, which provides security monitoring across disparate IoT devices at scale.
• Given the overarching threat of ransomware in almost every industry, we introduced?NetWitness Ransomware Defense Cloud Services, a managed cloud service that monitors endpoints, enhancing preparedness for and awareness of ransomware attacks.

Not too bad for the first half of our fiscal year!?We're?not sitting still, because?your business?can't sit still today, given the evolving nature of threats. Operating as an independent business helps us better address the needs of our customers who are facing down a future path with many forks in the road.

There's ransomware, there's supply chain attacks, there's phishing, there's espionage and geopolitical elements to consider. We at NetWitness are here to help our current and future customers as they look ahead and see a less-defined technology and threat landscape than ever before.

NetWitness isn't going to wait for those new real-world twists to arrive, and then react.

That's why?we are aggressively spending time, effort, and R&D budget?in future plans to passively source asset criticality through the data we already collect; to bring our visibility expertise to the worlds of containers and collaborative applications; and to leverage best-of-breed frameworks such as MITRE ATT&CK, as part of our broader threat intelligence efforts.

This is what an independent NetWitness looks like. Today and into the future.