Investigate and Respond

NetWitness is a security intelligence product that audits and monitors all traffic on a network. It creates a comprehensive log of all network activities and interprets the activities into a format that network engineers and non-engineers alike can quickly understand.

Investigation includes:

  • Logs Data Analytics or SIEM Analytics

  • Network Data Analytics

  • Endpoint Data Analytics

  • User and Entity Behavior Analytics

Analysts can investigate by analyzing the packet, log, and endpoint data captured from your environment or from other collection sources to identify possible internal or external threats to your security and IP infrastructure.

NetWitness Respond is designed to help Incident Responders quickly identify ongoing issues in your network and work with other Analysts to solve them quickly. Incidents are logically grouped sets of alerts that are created automatically. When you take an incident from the queue, you receive relevant supporting data to help you investigate the incident.