NetWitness

Company type: Private
Industry: Threat detection
Predecessor: ManTech International, then Dell Technologies [1] [2]
Founded: 1997
Fate: Acquired by Symphony Technology Group [3]
Headquarters: Bedford, Massachusetts, United States
Area served: Worldwide
Key people: Nick Lantuh
Website: www.netwitness.com

NetWitness is a network security company that provides real-time network forensics, automated threat detection, response, and analysis solutions. The company is based in Bedford, Massachusetts. In 2011, NetWitness was acquired by EMC Corporation, and in 2020 it was acquired by Symphony Technology Group as a stand-alone business unit, part of RSA Security. [4]

History

In the mid-1990s, the NetWitness technology was established by CTX Corporation, a Washington, D.C.-based system integrator. The technology, initially chartered as a US Government research project, was created to help analysts better understand large volumes of captured network data for various types of investigations. CTX Corporation was subsequently acquired by ManTech International Corporation (Nasdaq: MANT) in December 2002. [5] At ManTech, the technology was further developed to aid federal law enforcement in criminal investigations and to support professional service engagements for the federal government and commercial organizations.

In November 2006, NetWitness Corporation was spun out of ManTech by Nick Lantuh, who was brought in to run the NetWitness Product Group and execute the spin-out. As an independent company, NetWitness focused on bringing its network analysis technology to the worldwide market. [6] Since the spin-out, NetWitness focused on products to support deep, real-time network situational awareness and agile network response.

In February 2010, NetWitness announced the discovery of a major ZeuS botnet infestation impacting roughly 2,400 companies across the globe. The company dubbed this botnet the "Kneber ZeuS botnet" after the criminal gang involved. The news went viral, as it shed light on the continued vulnerabilities of the world's corporate information security practices and provided an in-depth understanding of the inner workings of a botnet. [7] [8] [9] [10]

NetWitness Visualize, announced in July 2010, provided a new way to visualize network traffic. [11]

In August 2010, NetWitness was named the 21st fastest growing private company in the United States in the annual Inc 500 report. With 7,745.8 percent three-year growth, the company was also ranked as the fastest growing privately held enterprise security product company and the fastest growing company in the Washington, D.C. area. [12]

On April 1, 2011, NetWitness was acquired by EMC Corporation for an undisclosed amount. Former NetWitness products were integrated into EMC's security division, RSA Security. [13]

NetWitness’ CEO, Amit Yoran, was formerly Director of the Department of Homeland Security’s National Cyber Security division.

Related Research Articles

RSA Security: American computer security company

RSA Security LLC, formerly RSA Security, Inc. and trade name RSA, is an American computer and network security company with a focus on encryption and encryption standards. RSA was named after the initials of its co-founders, Ron Rivest, Adi Shamir and Leonard Adleman, after whom the RSA public key cryptography algorithm was also named. Among its products is the SecurID authentication token. The BSAFE cryptography libraries were also initially owned by RSA. RSA is known for incorporating backdoors developed by the NSA in its products. It also organizes the annual RSA Conference, an information security conference.

VMware: Multi-cloud service provider for all apps

VMware LLC is an American cloud computing and virtualization technology company headquartered in Palo Alto, California. VMware was the first commercially successful company to virtualize the x86 architecture.

ZDNET: Business technology news website

ZDNET is a business technology news website owned and operated by Red Ventures. The brand was founded on April 1, 1991, as a general interest technology portal from Ziff Davis and evolved into an enterprise IT–focused online publication.

Dell EMC: Computer storage business

Dell EMC is an American multinational corporation headquartered in Hopkinton, Massachusetts, and Round Rock, Texas, United States. Dell EMC sells data storage, information security, virtualization, analytics, cloud computing and other products and services that enable organizations to store, manage, protect, and analyze data. Dell EMC's target markets include large companies and small- and medium-sized businesses across various vertical markets. The company's stock was added to the New York Stock Exchange on April 6, 1986, and was also listed on the S&P 500 index.

Iomega: Defunct American corporation

Iomega Corporation was a company that produced external, portable, and networked data storage products. Established in the 1980s in Roy, Utah, United States, Iomega sold more than 410 million digital storage drives and disks, including the Zip drive floppy disk system. Formerly a public company, it was acquired by EMC Corporation in 2008, and then by Lenovo, which rebranded the product line as LenovoEMC, until discontinuation in 2018.

Amit Yoran is chairman and chief executive officer of Tenable, Inc., a position held since January 3, 2017. He is also on the board of directors of the Center for Internet Security.

Window Snyder: Computer security expert (born 1975)

Mwende Window Snyder, better known as Window Snyder, is an American computer security expert. She has been a top security officer at Square, Inc., Apple, Fastly, Intel and Mozilla Corporation. She was also a senior security strategist at Microsoft. She is co-author of Threat Modeling, a standard manual on application security.

Mozy was an online backup service for both Windows and macOS users. Linux support was made available in Q3 2014. In 2007 Mozy was acquired by EMC, and in 2013 Mozy was included in the EMC Backup Recovery Systems division's product list. On September 7, 2016, Dell Inc. acquired EMC Corporation to form Dell Technologies, restructuring the original Dell Inc. as a subsidiary of Dell Technologies. On March 19, 2018, Carbonite acquired Mozy from Dell for $148.5 million in cash and in 2019 shut down the service, incorporating Mozy's clients into its own online backup service programs.

ManTech International Corporation is an American defense contracting firm based in Herndon, Virginia. It was co-founded in 1968 by Franc Wertheimer and George J. Pedersen. The company uses technology to help government and industry clients. The company name "ManTech" is a portmanteau formed through the combination of "management" and "technology."

3PAR: Manufacturer of systems and software for data storage and information management

3PAR Inc. was a manufacturer of systems and software for data storage and information management headquartered in Fremont, California, USA. 3PAR produced computer data storage products, including hardware disk arrays and storage management software. It became a wholly owned subsidiary of Hewlett Packard Enterprise after an acquisition in 2010.

Trellix is a privately held cybersecurity company that was founded in 2022. It has been involved in the detection and prevention of major cybersecurity attacks. It provides hardware, software, and services to investigate cybersecurity attacks, protect against malicious software, and analyze IT security risks.

Zeus is a Trojan horse malware package that runs on versions of Microsoft Windows. It is often used to steal banking information by man-in-the-browser keystroke logging and form grabbing. Zeus is spread mainly through drive-by downloads and phishing schemes. First identified in July 2007 when it was used to steal information from the United States Department of Transportation, it became more widespread in March 2009. In June 2009 security company Prevx discovered that Zeus had compromised over 74,000 FTP accounts on websites of such companies as the Bank of America, NASA, Monster.com, ABC, Oracle, Play.com, Cisco, Amazon, and BusinessWeek. Similarly to Koobface, Zeus has also been used to trick victims of technical support scams into giving the scam artists money through pop-up messages that claim the user has a virus, when in reality they might have no viruses at all. The scammers may use programs such as Command prompt or Event viewer to make the user believe that their computer is infected.

Palo Alto Networks: American technology company

Palo Alto Networks, Inc. is an American multinational cybersecurity company with headquarters in Santa Clara, California. The core product is a platform that includes advanced firewalls and cloud-based offerings that extend those firewalls to cover other aspects of security. The company serves over 70,000 organizations in over 150 countries, including 85 of the Fortune 100. It is home to the Unit 42 threat research team and hosts the Ignite cybersecurity conference. It is a partner organization of the World Economic Forum.

Virtustream: Cloud computing management software provider

Virtustream was a provider of cloud computing management software, infrastructure as a service ("IaaS") and managed services to enterprises, governments and service providers. It was a subsidiary of Dell Technologies.

Seculert: Israeli cloud-based cyber security technology

Seculert was a cloud-based cyber security technology company based in Petah Tikva, Israel. The company's technology was designed to detect breaches and advanced persistent threats (APTs) attacking networks. Seculert's business was based on malware research and the ability to uncover malware that had gone undetected by other traditional measures.

The CryptoLocker ransomware attack was a cyberattack using the CryptoLocker ransomware that occurred from 5 September 2013 to late May 2014. The attack utilized a trojan that targeted computers running Microsoft Windows, and was believed to have first been posted to the Internet on 5 September 2013. It propagated via infected email attachments and via an existing Gameover ZeuS botnet. When activated, the malware encrypted certain types of files stored on local and mounted network drives using RSA public-key cryptography, with the private key stored only on the malware's control servers. The malware then displayed a message which offered to decrypt the data if a payment was made by a stated deadline, and it threatened to delete the private key if the deadline passed. If the deadline was not met, the malware offered to decrypt data via an online service provided by the malware's operators, for a significantly higher price in bitcoin. There was no guarantee that payment would release the encrypted content.

Operation Tovar was an international collaborative operation carried out by law enforcement agencies from multiple countries against the Gameover ZeuS botnet, which was believed by the investigators to have been used in bank fraud and the distribution of the CryptoLocker ransomware.

Absolute Software Corporation is an American-Canadian company that provides products and services in the fields of endpoint security and zero trust security. It was a publicly traded company on the Toronto Stock Exchange (TSX) and Nasdaq until it was acquired by Crosspoint Capital Partners in July 2023.

Iftach Ian Amit: Israeli hacker

Iftach Ian Amit is an Israeli hacker, computer security researcher and practitioner. He is one of the co-founders of the Tel Aviv DEF CON Group DC9723 and the Penetration Testing Execution Standard, and has presented at hacker conventions such as DEF CON, Black Hat, BlueHat, and RSA Conference. He has been named one of SC Magazine's top experts, was featured in Narratively's cover piece on Attack of the Superhackers, and is frequently quoted and interviewed.

Dell Technologies: American multinational technology company

Dell Technologies Inc. is an American multinational technology company headquartered in Round Rock, Texas. It was formed as a result of the September 2016 merger of Dell and EMC Corporation.

References

  1. "ManTech announces successful incubation, spin-out of NetWitness information security product group". MilitaryAerospace.com. 9 November 2006. Retrieved 26 January 2022.
  2. Miller, Ron (18 February 2020). "Dell sells RSA to consortium led by Symphony Technology Group for over $2B". TechCrunch. Retrieved 26 January 2022.
  3. Miller, Ron (7 September 2016). "$67 billion Dell-EMC deal closes today". TechCrunch. Retrieved 26 January 2022.
  4. "EMC acquires NetWitness, combines with RSA". ZDNet. April 4, 2011.
  5. "Mantech acquires CTX Corporation". December 6, 2002.
  6. "NetWitness Spins out of Mantech". November 7, 2006.
  7. Siobhan Gorman (February 18, 2010). "Broad New Hacking Attack Detected". Wall Street Journal.
  8. Dan Goodin (February 18, 2010). "Almost 2,500 firms breached in ongoing hack attack". The Register.
  9. John Markoff (February 18, 2010). "Malicious Software Infects Computers". The New York Times.
  10. Jeff Bliss (February 18, 2010). "Global Hackers Breached 2,400 Companies, Security Firm Says". Business Week. Archived from the original on February 21, 2010.
  11. Paul F. Roberts (July 21, 2010). "Network forensics gets a 'Minority Report'-style UI". InfoWorld.
  12. "NetWitness Inc 500 Profile". Inc Magazine. August 21, 2010.
  13. "EMC acquires NetWitness, combines with RSA". ZDNet. April 4, 2011.