Security Analytics & Forensics

The purpose of Security Analytics is to detect attacks as fast as possible, enable IT professionals to block or stop an attack and provide detailed information to reconstruct an attack. Security Analytics tools do this by collecting, correlating and analysing a wide range of data.

Security Analytics tools help organisations implement real-time monitoring of servers, endpoints and network traffic, consolidate and coordinate diverse event data from application and network logs, and perform forensic analysis to better understand attack methods and system vulnerabilities. Security Analytics and Forensics tools may also provide critical legal evidence for further action. Security Forensics specifically involves monitoring a network for anomalous traffic and identifying intrusions. An attacker might be able to erase all log files on a compromised host; network-based evidence might therefore be the only evidence available for forensic analysis.

  • Symantec – Security Analytics & Forensics

    by Symantec

    The Symantec portfolio represents the cyber security industry’s only end-to-end solution set. Solutions include secure web gateways with filtering and malware analysis, AV and malware protection, proxy caching devices, email security, SSL visibility, DLP, sandboxing, CASB and security analytics.

    Symantec Security Analytics is like a security camera or DVR for your network. It delivers enriched packet capture for full network security visibility, advanced network forensics, anomaly detection, and real-time content inspection for all network traffic. Armed with this detailed record, you can conduct forensic investigations, respond quickly to incidents, and resolve breaches in a fraction of the time you would spend with conventional processes.

  • LogRhythm – Security Analytics & Forensics

    by LogRhythm

    LogRhythm provides a fully integrated, enterprise-class security analytics, log management, log analysis and event management solution that empowers organisations to comply with regulations, secure networks and optimise IT operations. By automating the collection, organisation, analysis, archival and recovery of all log data, LogRhythm enables enterprises to comply with log data retention regulations while gaining valuable insights into security, availability, performance and audit issues within their infrastructure.

  • IP-Performance recently ran 2 virtual cyber breach response workshops for Elmbridge Borough Council and we cannot recommend them highly enough. As well as lots of practical resources & templates to take away, the second day culminates with a simulation which brings a cyberattack to life. It’s highly interactive, slightly stressful, but most importantly really makes you think! There’s a definite buzz around cyber at Elmbridge now thanks to Phil and team.

    Nikki Benge, ICT Business Manager,
    Elmbridge Borough Council