Showing results for 
Search instead for 
Did you mean: 
Collaborator II

The RSA Advanced Cyber Defense (ACD) Practice leads the way in helping organizations better defend against advanced threats. It provides access to highly skilled, real-world security practitioners with an average of 10-plus years of providing breach-management services and of building, operating, and managing SOCs.

RSA Security Operations Management product team and RSA ACD practice team have collaborated together to deliver a set of 10 free Incident Response procedures to RSA SecOps customers. These free Incident Response Procedures are available for download on this page and consists for the following procedures:

  • Attachment Based E-Mail Procedure
  • VPN Connection Source Anomaly Procedure
  • Port Protocol Mismatch Procedure
  • Link Based E-Mail Procedure
  • Keylogger Procedure
  • Internal Port Scanning Procedure
  • Hacker Tools Procedure
  • General Malware Detection Procedure
  • Exploit Kit Procedure
  • Banking Trojan Procedure


To use these procedures, you need to use RSA Security Operations Management (SecOps) version 1.1 or above. The steps to import these procedures into RSA SecOps is available in the Installation Guide.

The RSA ACD practice team can be leveraged for additional procedures and further customization.


For more information on the RSA Advanced Cyber Defense Team (ACD), watch RSA Advanced Cyber Defense Practice Senior Director Peter Tran discuss how the practice can help protect your organization from cyber attacks with readiness, response, and resiliency services.


Watch the video here: RSA Advanced Cyber Defense Practice on Cyber Attack Protection - Incident Response, IT Security - EMC