Network data is critical in every security investigation
Savvius Vigil automates the collection of the network traffic needed for security investigations, both into alerts, which reduces the likelihood of a breach, and into breaches, which minimizes their impact. Even breaches not discovered for months can be effectively investigated using Vigil. Savvius Vigil integrates with all leading IDS/IPS systems and includes Omnipeek, award-winning network forensics software.
How It Works
Savvius Vigil integrates with your existing SIEM's IDS/IPS capabilities to trigger storage of network packets. Savvius Vigil integrates events from multiple sources, including network conversations with specified IP addresses. Traffic between relevant nodes is captured before and after the triggered events. Optionally, all related traffic to and from an event's IP addresses is captured as well.
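The trigger-based retention described above can be sketched as a rolling buffer that an alert sweeps. This is an added illustration, not Savvius code: the class and function names, the 60-second windows and the sample addresses are all assumptions.

```python
from collections import deque, namedtuple

Packet = namedtuple("Packet", "ts src dst")   # ts in seconds
Alert = namedtuple("Alert", "ts src dst")     # as forwarded by an IDS/IPS

class TriggeredCapture:
    """Rolling packet buffer; a packet is stored only when an alert claims it."""

    def __init__(self, pre, post, related=False):
        self.pre, self.post, self.related = pre, post, related  # assumed knobs
        self.buffer = deque()  # recent packets no alert has claimed yet
        self.alerts = []       # alerts whose post-event window is still open
        self.stored = []       # packets retained for the investigation

    def _claims(self, alert, pkt):
        if not alert.ts - self.pre <= pkt.ts <= alert.ts + self.post:
            return False
        ends, nodes = {pkt.src, pkt.dst}, {alert.src, alert.dst}
        # related: anything touching an alert address; otherwise only the pair
        return bool(ends & nodes) if self.related else ends == nodes

    def on_alert(self, alert):
        # Sweep the buffer so traffic seen before the trigger is kept too.
        unclaimed = deque()
        for pkt in self.buffer:
            (self.stored if self._claims(alert, pkt) else unclaimed).append(pkt)
        self.buffer = unclaimed
        self.alerts.append(alert)

    def on_packet(self, pkt):
        self.alerts = [a for a in self.alerts if pkt.ts <= a.ts + self.post]
        if any(self._claims(a, pkt) for a in self.alerts):
            self.stored.append(pkt)
            return
        self.buffer.append(pkt)
        while self.buffer[0].ts < pkt.ts - self.pre:  # age out old traffic
            self.buffer.popleft()

def demo(related):
    # Constructed trace using documentation/private addresses.
    h, x, o, y = "10.0.0.5", "203.0.113.9", "10.0.0.7", "198.51.100.20"
    before = [Packet(10, h, x), Packet(50, h, x), Packet(70, h, y),
              Packet(80, o, y), Packet(90, x, h)]
    after = [Packet(120, h, x), Packet(130, o, x), Packet(200, h, x)]
    cap = TriggeredCapture(pre=60, post=60, related=related)
    for p in before:
        cap.on_packet(p)
    cap.on_alert(Alert(100, h, x))
    for p in after:
        cap.on_packet(p)
    return [p.ts for p in cap.stored]
```

The pre-event window bounds how much unclaimed traffic the buffer must hold, so it sets the memory or disk cost of being able to look back from an alert.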
Enabling Network Forensics in Breach Investigations
The bad guys are winning! There are more of them, they are evolving faster than ever, and their weapons are highly automated.