Improving Network Security Threat Detection
Collecting security-related information is one thing; getting the most benefit from that data is another. Security analysts get so many alerts from their security tools that they have to prioritize which ones get investigated. Adding context to the security data makes it easier to see which traffic needs a closer look. For instance, discovery, forensics, and remediation all require correlation analysis across tools that perform different functions. Correlation analysis becomes easier when all of the network tools get reliable access to relevant traffic at the same time. Enhancing that traffic with context helps security analysts get the most from their tools faster.