From Project PM
Jump to: navigation, search

NetWitness was acquired on April 1, 2011 by EMC Corporation for an undisclosed amount and operates as a part of RSA Security.

NetWitness customers include Defense, national law enforcement and intelligence agencies, top US and European Banks, and Global 1000 organizations.

NetWitness' primary competitors include Solera, Niksun, AccessData/SilentRunner, FireEye, Dambala, NetScout, and others.


NetWitness® is a revolutionary network monitoring platform that provides enterprises a precise and actionable understanding of everything happening on the network. NetWitness solutions are deployed in customer environments to solve a wide range of challenging information security problems including: insider threats, zero-day exploits and targeted malware, advanced persistent threats, fraud, espionage, data leakage, and continuous monitoring of security controls.

NetWitness is a privately held, venture backed company that has achieved and maintained profitability since mid-2008. Our customers across the global include enterprises in the Global 1000 representing sectors such as financial services, power and energy, telecommunications, retail, and high-tech, as well as government agencies in defense, homeland security, law enforcement, and intelligence.


In the mid-1990s the NetWitness technology was established by CTX Corporation, a Washington D.C. based system integrator. The technology, initially chartered as a US Government research project, was created to help analysts better understand large volumes of captured network data for various types of investigations.

In December 2002, CTX Corporation was acquired by Mantech International Corporation. At Mantech the technology was further developed to aid Federal Law Enforcement in criminal investigations and support professional service engagements for the Federal Government and commercial organizations.

In November 2006, NetWitness Corporation was spun out of Mantech as an independent company to focus on bringing its network analysis technology to the world-wide market.[2] Since the spinout, NetWitness has brought to market a suite of products to support deep, real-time network situational awareness, agile network response and expand their patented NetWitness NextGen™ technology.

In November 2008, NetWitness delivered a freeware version of their Investigator product.

In February 2010, NetWitness announced the discovery of a major ZeuS botnet infestation impacting roughly 2,400 companies across the globe. The company dubbed this botnet the “Kneber ZeuS botnet” after the criminal gang involved. This news went viral as it shed light on the continued vulnerabilities of the world’s corporate Information Security practices and provided a deep dive understanding of the inner-workings of a botnet.

In July 2010, NetWitness announced the availability of NetWitness Visualize, a new tool for visualizing network traffic.

In August 2010, NetWitness was named the 21st fastest growing private company in the United States in the annual Inc 500 report. With 7,745.8 percent three year growth, the company was also ranked as the fastest growing privately held enterprise security product company and the fastest growing company in the Washington, D.C. area.


Spectrum - An expert, automated malware analysis engine that provides prioritization and workflow for zero-day and emerging threats within your enterprise.

Visualize - A revolutionary, multi-touch, graphical rendering of network intercepted data that accelerates the incident management and investigatory processes, enabling faster and easier analysis of what occurred over time.

Live - NetWitness Live aggregates the best advanced threat intelligence and multi-source content of the global security community, and fuses it in real-time with your NetWitness network monitoring platform.

Informer - Provides rules-based, automated reporting, alerting and enterprise security integration for the enterprise.

Investigator - The award-winning, industry standard in deep, freeform analytics for network investigations, and real-time, actionable intelligence.

SIEMLink - Enables instant integration of the NetWitness enterprise network monitoring platform with existing security tools and infrastructures.

API/SDK - A full-featured application programming interface that enables the ultimate in flexibility for NetWitness customers that demand it.

Board of Directors

CEO Amit Yoran - Formerly Director of the US-CERT and National Cyber Security Division of the Department of Homeland Security, and as CEO and advisor to In-Q-Tel, the venture capital arm of the CIA. Vice President of Worldwide Managed Security Services at the Symantec Corporation. Co-founder of Riptech. Officer in the United States Air Force in the Department of Defense's Computer Emergency Response Team. Currently serves as a commissioner on the CSIS Commission on Cyber Security for the 44th Presidency and numerous other industry advisory bodies.

Director and President Nick Lantuh - Formerly President of the NetWitness Product Group, a Division of ManTech International, where he was brought in to run day to day operations and to formulate the NetWitness Group’s management buy-out. Cisco 1999 to 2003. Lantuh has also led the sales, marketing and business development efforts of pre-revenue start-ups in the security, software, wireless and networking spaces leading to three acquisitions and an IPO.

Director H.P. Goldfield - Also currently Senior International Advisor to the global law firm of Hogan Lovells US LLP, member of the Board of Advisors of the Middle East Institute, and a Member of the Board of Directors of Black and Veatch Holding Company, the National Chamber Foundation, and the Israel Policy Forum. Currently Vice Chair of Albright Stonebridge Group and head of its Middle East Regional Practice. Mr. Goldfield served as a Member of the Board of Directors of the Overseas Private Investment Corporation and the Export-Import Bank of the United States (ex-officio). He also served as a member of the White House staff under President Ford and as Associate Counsel to President Reagan (Assistant Secretary of Commerce for Trade Development.)

Director Gilman Louie - He is the founder and former CEO of In-Q-Tel. Previously Mr. Louie built a career as a pioneer in the interactive entertainment industry, with accomplishments that include the design and development of the Falcon F-16 flight simulator as well as being the person who licensed Tetris, the world’s most popular computer game, from its developers in the Soviet Union. Mr. Louie founded and ran Spectrum Holobyte which was acquired by Hasbro Corporation, where he served as chief creative officer of Hasbro Interactive and general manager of the group. Mr. Louie has served on a number of boards of directors, including Wizards of the Coast, Total Entertainment Network, Direct Language, FASA Interactive, and most recently the National Venture Capital Association. He serves as a member of the Markle Foundation Task Force on National Security in the Information Age. In 2006, Mr. Louie was presented with the Directors Award for his service in creating In-Q-Tel and providing service to the intelligence community. Mr. Louie completed the Advanced Management program/International Seniors Management Program at Harvard Business School and received a Bachelor of Science in Business Administration from San Francisco State University.

Director Harrison B. Miller - Harrison B. Miller is a Managing Director with Summit Partners. Harrison first joined Summit Partners in 1988. He was part of the founding management team at Lightspan, an online education company that went public in 2000. At from 1998 to 2003. Harrison was the founding VP and GM of Platform Services, a $180 million unit of the company developing and deploying Amazon’s technology infrastructure as a managed service for major retailers and other customers. Harrison rejoined Summit in 2003. Harrison works in Summit’s Palo Alto office and is active in the firm’s investment activities in North America, Europe and Asia. Harrison is currently a director of NetWitness, Diagnostic Hybrids, LiveOffice, Tiny Prints and The Mutual Fund Store. His prior investments and directorships include AdvaCare, Autobase, Postini, and Software Spectrum. Harrison graduated from Princeton University and received an M.B.A from Stanford Business School.

Director John P. Watters - John P. Watters is Chairman and CEO of iSIGHT Partners, a Global Risk Mitigation company based in Dallas, Texas. Earlier, Mr. Watters was Chairman and CEO of iDEFENSE until its successful acquisition by Verisign in 2005. In the 15 years prior to entering the risk management business with the iDEFENSE acquisition, Mr. Watters was Chairman and CEO of several large diversified investment companies managing principal investments totaling more than $300M. He has served on over 20 corporate and non-profit Board of Directors. He has been actively involved in supporting scholarships for inner-city children in Dallas. Currently he serves on the Investment Committee of the Jesuit Foundation in Dallas and is the Chairman of its Investment Committee since 2000. Mr. Watters graduated from Santa Clara University, and attended the London School of Economics.

Director Suzanne Gorman - Suzanne Gorman is the Director of Governance at Omgeo, the market leader in development and deployment of post-trade, pre-settlement solutions. Prior to Omgeo, Ms. Gorman served as the Managing Director of Corporate Information Security for the Securities Industry Automation Corporation (SIAC) for 15 years. At SIAC and The NYSE Group, Ms. Gorman designed and implemented a comprehensive Information Security program. She has over 25 years of experience in the Financial Services Sector with a strong focus on Information Security. As an active contributor on numerous government councils and advisory committees, she worked on government initiatives at the state and national level. Ms. Gorman has served as the Chairperson of the Financial Services Information Sharing Analysis Center (FS/ISAC) and ISAC Council.

NetWitness also employs Shawn Carpenter, a notable security analyst who discovered operation Titan Rain in 2005.

Email References

Jan 24, 2011 - Thomas Zebley to Ted Vera - "I met with our Product Management team today and was told our company met with Aaron Barr, HBGary Federal and Brian Giradi, Netwitness in reference to a consortium with our technology. We have a new offering which Aaron and Brian Giradi might be interested in. Let me know if you are ok with me reaching out to Aaron directly."

EMC acquires Netwitness - 4.4.2011

NetWitness Visualize demo @ YouTube - 15.7.2010


NetWitness Corporation
10700 Parkridge Blvd. 6th Floor
Reston, Virginia  20191

500 Grove Street
Suite 300
Herndon, VA, 20170
Phone 703.889.8950