Investigate and RespondInvestigate and Respond
NetWitness is a security intelligence product that audits and monitors all traffic on a network. It creates a comprehensive log of all network activities and interprets the activities into a format that network engineers and non-engineers alike can quickly understand.
Logs Data Analytics or SIEM Analytics
Network Data Analytics
Endpoint Data Analytics
User and Entity Behavior Analytics
Analysts can investigate by performing the analysis of the packet, log, and endpoint data captured from your environment or from other collection sources in order to identify possible internal or external threats to your security and IP infrastructure.
NetWitness Respond is designed to help Incident Responders quickly identify the ongoing issues in your network and work with other Analysts to quickly solve the issues. Incidents are logically grouped set of alerts created automatically. When you take an incident from the queue, you receive relevant supporting data to help you investigate the incident.