Market Research Report
Network Security Forensics in the Incident Detection and Response Lifecycle
Published by: Frost & Sullivan
Product code: 621183
Published: March 9, 2018
Content info: 162 Pages
The Proof is in the Packet
Network security forensic tools get to the heart of the matter in cybersecurity, and that is the proper indexing and correlation of packets. The most noted platforms include RSA NetWitness, Cisco Stealthwatch, Arbor Networks Spectrum, and IBM QRadar. However, companies often do not wish to use full packet capture platforms and will consider solutions that offer partial packet capture with metadata (PacketSled, for example). Network security forensics tools offer a way to reduce the mean time to detect (MTTD) and mean time to respond (MTTR) to security incidents and, because these tools offer packet-level visibility, they find the root cause of an incident.
This network security forensics report is developed in the context of an IDR framework. The framework explains varying attributes of Detection, Contextual Analysis, Remediation, and Restrictions/Penalties for cybersecurity technologies in the security operations center (SOC).
Two capabilities differentiate network security tools from other cybersecurity platforms: