Security Analytics & Forensics

The purpose of Security Analytics is to detect attacks as fast as possible, enable IT professionals to block or stop an attack and provide detailed information to reconstruct an attack. Security Analytics tools do this by collecting, correlating and analysing a wide range of data.

Security Analytics tools help organisations implement real-time monitoring of servers, endpoints and network traffic, consolidate and coordinate diverse event data from application and network logs, and perform forensic analysis to better understand attack methods and system vulnerabilities. Security Analytics and Forensics tools may also provide critical legal evidence for further action. Security Forensics specifically involves monitoring a network for anomalous traffic and identifying intrusions. An attacker might be able to erase all log files on a compromised host; network-based evidence might therefore be the only evidence available for forensic analysis.

  • Symantec – Security Analytics & Forensics

    by Symantec

    The Symantec portfolio represents the cyber security industry’s only end-to-end solution set. Solutions include secure web gateways with filtering and malware analysis, AV and malware protection, proxy caching devices, email security, SSL visibility, DLP, sandboxing, CASB and security analytics.

    Symantec Security Analytics is like a security camera or DVR for your network. It delivers enriched packet capture for full network security visibility, advanced network forensics, anomaly detection, and real-time content inspection for all network traffic. Armed with this detailed record, you can conduct forensic investigations, respond quickly to incidents, and resolve breaches in a fraction of the time you would spend with conventional processes.

  • LogRhythm – Security Analytics & Forensics

    by LogRhythm

    LogRhythm provides a fully integrated, enterprise-class security analytics, log management, log analysis and event management solution that empowers organisations to comply with regulations, secure networks and optimise IT operations. By automating the collection, organisation, analysis, archival and recovery of all log data, LogRhythm enables enterprises to comply with log data retention regulations while gaining valuable insights into security, availability, performance and audit issues within their infrastructure.

  • Throughout our business dealings with IP Performance, their expertise, professionalism and “can do” attitude continue to ensure we have the systems we need, when we need them.

    Matt Williams - IT Business Delivery Manager,
    UK Bus, FirstGroup PLC