Search company, investor...
NetWitness company logo

NetWitness

netwitness.com

Founded Year

1998

Stage

Acquired | Acquired

Total Raised

$5.7M

About NetWitness

NetWitness Investigator is the interactive threat analysis application of the NextGen product suite. The company's patented methods of viewing network session and application data have helped the company's clients fill in the visibility gaps that exist in their firewall, intrusion detection, SEIM and other security infrastructures. Now, the entire community of security practitioners will have the capability to obtain faster and clearer insight into today's advanced threats

Headquarters Location

330 South Service Road Suite 200

Melville, New York, 11747,

United States

631-962-9600

Missing: NetWitness's Product Demo & Case Studies

Promote your product offering to tech buyers.

Reach 1000s of buyers who use CB Insights to identify vendors, demo products, and make purchasing decisions.

Missing: NetWitness's Product & Differentiators

Don’t let your products get skipped. Buyers use our vendor rankings to shortlist companies and drive requests for proposals (RFPs).

Expert Collections containing NetWitness

Expert Collections are analyst-curated lists that highlight the companies you need to know in the most important technology spaces.

NetWitness is included in 1 Expert Collection, including Cybersecurity.

C

Cybersecurity

4,937 items

NetWitness Patents

NetWitness has filed 1 patent.

patents chart

Application Date

Grant Date

Title

Related Topics

Status

4/29/2002

12/15/2009

Computer network analysis, Network protocols, Social networks, Network theory, Networks

Grant

Application Date

4/29/2002

Grant Date

12/15/2009

Title

Related Topics

Computer network analysis, Network protocols, Social networks, Network theory, Networks

Status

Grant

Latest NetWitness News

CircleCI, LastPass, Okta, and Slack: Cyberattackers Pivot to Target Core Enterprise Tools

Jan 13, 2023

High-profile software provider compromises in the past few months show that threat actors are actively targeting the services underpinning corporate infrastructure. Here's what to do about it. PDF In early January, development-pipeline service provider CircleCI warned users of a security breach, urging companies to immediately change the passwords, SSH keys, and other secrets stored on or managed by the platform. The attack on the DevOps service left the company scrambling to determine the scope of the breach, limit attackers' ability to modify software projects, and determine which development secrets had been compromised. In the intervening days, the company rotated authentication tokens, changed configuration variables, worked with other providers to expire keys, and continued investigating the incident. "At this point, we are confident that there are no unauthorized actors active in our systems; however, out of an abundance of caution, we want to ensure that all customers take certain preventative measures to protect your data as well," the company stated in an advisory last week . The CircleCI compromise is the latest incident that underscores attackers' increasing focus on fundamental enterprise services. Identity services, such as Okta and LastPass , have disclosed compromises of their systems in the past year, while developer-focused services, such as Slack and GitHub , hastened to respond to successful attacks on their source code and infrastructure as well. The glut of attacks on core enterprise tools highlights the fact that companies should expect these types of providers to become regular targets in the future, says Lori MacVittie, a distinguished engineer and evangelist at cloud security firm F5. "As we rely more on services and software to automate everything from the development build to testing to deployment, these services become an attractive attack surface," she says. "We don't think of them as applications that attackers will focus on, but they are." Identity & Developer Services Under Cyberattack Attackers lately have focused on two major categories of services: identity and access management systems, and developer and application infrastructure. Both types of services underpin critical aspects of enterprise infrastructure. Identity is the glue that connects every part of an organization as well as connecting that organization to partners and customers, says Ben Smith, field CTO at NetWitness, a detection and response firm. "It doesn't matter what product, what platform, you are leveraging ... adversaries have recognized that the only thing better than an organization that specializes in authentication is an organization that specializes on authentication for other customers," he says. Developer services and tools, meanwhile, have become another oft-attacked enterprise service . In September, a threat actor gained access to the Slack channel for the developers at Rockstar Games, for instance, downloading videos, screenshots, and code from the upcoming Grand Theft Auto 6 game. And on Jan. 9, Slack said that it discovered that "a limited number of Slack employee tokens were stolen and misused to gain access to our externally hosted GitHub repository." Because identity and developer services often give access to a wide variety of corporate assets — from application services to operations to source code — compromising those services can be a skeleton key to the rest of the company, NetWitness's Smith says. "They are very very attractive targets, which represent low-hanging fruit," he says. "These are classic supply chain attacks — a plumbing attack, because the plumbing is not something that is visible on a daily basis." For Cyberdefense, Manage Secrets Wisely & Establish Playbooks Organizations should prepare for the worst and recognize that there are no simple ways to prevent the impact of such wide-ranging, impactful events, says Ben Lincoln, managing senior consultant at Bishop Fox. "There are ways to protect against this, but they do have some overhead," he says. "So I can see developers being reluctant to implement them until it becomes evident that they are necessary." Among the defensive tactics, Lincoln recommends the comprehensive management of secrets. Companies should be able to "push a button" and rotate all necessary password, keys, and sensitive configuration files, he says. "You need to limit exposure, but if there is a breach, you hopefully have a push button to rotate all those credentials immediately," he says. "Companies should plan extensively in advance and have a process ready to go if the worst thing happens." Organizations can also set traps for attackers. A variety of honeypot-like strategies allow security teams to have a high-fidelity warning that attackers may be in their network or on a service. Creating fake accounts and credentials, so-called credential canaries , can help detect when threat actors have access to sensitive assets. In all other ways, however, companies need to apply zero-trust principles to reduce their attack surface area of — not just machines, software, and services — but also operations, MacVittie says. "Traditionally, operations was hidden and safe behind a big moat [in the enterprise], so companies did not pay as much mind to them," she says. "The way that applications and digital services are constructed today, operations involve a lot of app-to-app, machine-to-app identities, and attackers have started to realize that those identities are as valuable."

NetWitness Frequently Asked Questions (FAQ)

  • When was NetWitness founded?

    NetWitness was founded in 1998.

  • Where is NetWitness's headquarters?

    NetWitness's headquarters is located at 330 South Service Road, Melville.

  • What is NetWitness's latest funding round?

    NetWitness's latest funding round is Acquired.

  • How much did NetWitness raise?

    NetWitness raised a total of $5.7M.

  • Who are the investors of NetWitness?

    Investors of NetWitness include Dell EMC and Summit Partners.

Discover the right solution for your team

The CB Insights tech market intelligence platform analyzes millions of data points on vendors, products, partnerships, and patents to help your team find their next technology solution.

Request a demo

CBI websites generally use certain cookies to enable better interactions with our sites and services. Use of these cookies, which may be stored on your device, permits us to improve and customize your experience. You can read more about your cookie choices at our privacy policy here. By continuing to use this site you are consenting to these choices.