As the use of digital forensics continues to grow, with new artifacts providing insight into attacker activity inside and outside of the enterprise network, incident response teams are working to detect and respond to data breaches faster--turning yesterday's investigations into tomorrow's indicators. But many enterprise teams still examine just half the evidence. By focusing on host-based indicators and signatures, many teams miss the one place where the attacker must go: the network!
Network forensics is its own specialized field that often introduces complex protocols, jargon, and analysis techniques that are potentially confusing to practitioners. But particular artifacts can be leveraged to determine the attack sequence and to offer a more complete picture of the breach.
This webcast will examine the power of network forensics and why it should be incorporated into all incident response investigations. Attendees will learn about two types of network artifacts: NetFlow and packet trace files (PCAPs) and the pros and cons of each. Register now and learn how to bolster your investigation efforts by combining both data sets to help guide your incident response teams and to be the first to get the new paper on this topic.
View the associated webcast here.