As recent cyber security breach headlines reveal, the key to
minimizing the impact of a security incident is early detection and
swift investigation, which requires fast, powerful forensics capabilities.

The FireEye Investigation Analysis System reveals hidden threats and
accelerates incident response by adding a centralized workbench with
an easy-to-use analytical interface to FireEye Network Forensics, the
industry’s fastest, lossless network data capture and retrieval
solution. The combination of high-performance packet capture and
in-depth analytics provides a powerful complement to comprehensive
FireEye threat prevention and detection capabilities.

Analysts can review specific network packets and sessions before,
during and after an attack. Being able to reconstruct and visualize
the events triggering malware download or callback enables your
security team to respond effectively and swiftly to prevent
recurrence. They can expand visibility into attacker activity by
decoding the protocols typically used to spread attacks laterally within a network.

The FireEye Investigation Analysis System supports a number of
configurations for single node and distributed architectures to
optimize bandwidth and performance of metadata aggregation, queries