Rapid investigation of attacks and breaches allows for swift containment and remediation.
To truly understand a targeted attack, you need to perform a forensic analysis, and to do this you need fast access to historical network data from before, during and after the event, as well as the means to reconstruct the attack.
This will help you to answer key questions, such as:
How did the attack penetrate or circumvent our defences?
For how long has the malware been present in our environment?
Which of our computers have been compromised?
What information has the attacker taken from our network?
The combination of FireEye’s Investigation Analysis system (IA series) and Network Forensics Platform (PX series) provides security professionals with the high-speed packet capture and deep forensic analysis capability needed to investigate and ascertain the what, where, when and how of the zero-day malware and advanced persistent threats targeting their environments.