
Network Forensics

ALSO CALLED: Cyberforensics, Security Forensics, Digital Forensics, Forensic Analysis, Forensics
DEFINITION: Network forensics is the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents. (The term, attributed to firewall expert Marcus Ranum, is borrowed from the legal and criminology fields where forensics pertains to the investigation of crimes.) According to Simson Garfinkel, author of several books on security, network forensics  … 
Definition continues below.
Network Forensics White Papers
5 Matches
Indicators of Compromise
sponsored by IBM
WHITE PAPER: This white paper presents indicators of compromise to look out for and outlines a four-step process for remediating these compromises.
Posted: 08 Sep 2015 | Published: 30 Jun 2015


What's Behind a Cyber Attack?
sponsored by IBM
WHITE PAPER: Learn how to uncover the what, when, and how of security incidents to fortify your security strategy against increasingly sophisticated attacks. Examine the shortcomings of conventional breach investigation approaches and how to build intelligence to navigate investigations faster and easier in this helpful whitepaper.
Posted: 12 Nov 2015 | Published: 14 Apr 2014


Security and Privacy on the Encrypted Network
sponsored by Blue Coat Systems
WHITE PAPER: This white paper discusses the challenges of decryption and gives advice on how you can implement it more effectively.
Posted: 17 Sep 2015 | Published: 20 Jan 2015


Network Forensics in a 10G World
sponsored by WildPackets, Inc.
WHITE PAPER: This resource outlines the challenges inherent to 10G network forensics, explains why traditional network analysis is ineffective, and offers guidance on how to build and deploy effective forensics in a 10G world.
Posted: 30 Aug 2013 | Published: 30 Aug 2013


Protecting and Securing Privacy Data and Sensitive Information in Today’s Healthcare Organization
sponsored by Intel Security
WHITE PAPER: This document takes a look at several aspects of data protection and HIPAA compliance and explains how a Data Loss Prevention (DLP) solution can help IT professionals discover sensitive data at rest, monitor traffic in real time, and capture events for after-the-fact investigations.
Posted: 08 Mar 2010 | Published: 08 Mar 2010

NETWORK FORENSICS DEFINITION (continued): … systems can be one of two kinds:

"Catch-it-as-you-can" systems, in which all packets passing through a certain traffic point are captured and written to storage with analysis being done subsequently in batch mode. This approach requires large amounts of storage, usually involving a RAID system.

"Stop, look and listen" systems, in which each packet is analyzed in a rudimentary way in memory and only certain information saved for future analysis. This approach requires less storage but may require a faster processor to keep up with incoming traffic.

Both approaches require significant storage and …

All Rights Reserved, Copyright 2000 - 2016, TechTarget | Read our Privacy Statement