An attacker might be able to erase all log files on a compromised host; network-based evidence might therefore be the only evidence available for forensic analysis. Network forensics relates to law enforcement. In this case, analysis of captured network traffic can include tasks such as reassembling transferred files, searching for keywords, and parsing human communication such as emails or chat sessions.
Network Forensics Key Benefits
Minimizes risk of costly cyber breaches
Provides investment protection
Creates a strong defense across the entire organization for all types of devices
Offers flexibility to align with organizational preferences and resources
Provides visibility across a wider attack surface
Gives real-time protection against evasive attacks
Reduces operational cost of triaging unreliable alerts
Automates and simplifies security workflows
Accelerates prioritization and resolution of detected security incidents