Looking to extend my knowledge on Security Analytics from RSA I came across this video.
It explains very well some of the capabilities SA from RSA provides, also some good practices to follow such as involved defenders in content development. It is a long video but easy to watch.