Network forensics tools increasingly aid security response teams

As malware continues to evade signature-based antivirus and intrusion prevention systems, some organizations are turning to network capture and analysis tools to detect anomalies and respond to security threats as they happen. One such vendor, Herndon, Va.-based NetWitness Corp., competes in the network forensics market against Solera Networks, Check Point Software Technologies and Endace, offering appliances that can suck up network IP packets like a vacuum and store them for real-time analysis and detection. Eddie Schwartz, chief security officer at NetWitness, sees growing momentum in the industry as security teams in government agencies, large financial firms and telecommunications companies increasingly turn to network analysis to stop threats that are getting by traditional security systems. In this interview, Schwartz said signature-based systems have their place, but network collection and forensics tools help large businesses respond to threat vectors that had previously been unknown.
