Network Security Analytics takes network forensics beyond captured and indexed network data into an environment where analysts can work across best-of-breed tools and have their difficult security questions answered using application-layer attributes. Network Security Analytics integrates Security Information and Event Management (SIEM), Log Management, Intrusion Detection Systems (IDS), Data Loss Prevention (DLP), Deep Packet Inspection, and malware detection tools into the single workflow necessary to combat today's threats.
To combat today's sophisticated attacks, administrators and incident responders require the best equipment and deepest visibility into the activities, applications, and personas on their network. They need the ability to react quickly to events in real time within the full context of the event, because the stakes, whether reputation, financial loss, or market cap exposure, are too high. Every second matters. The difference between "set it and forget it" and the active response approach is data. Network Security Analytics can make sense of the data and provide actionable evidence on how to defend your network.