NetWitness Introduces Visualize Improving Network Security Monitoring Platform

Visualize Adds Revolutionary Graphical Rendering Capability to the NetWitness Network Security Monitoring Platform

NetWitness Corporation, the world leader in advanced threat intelligence and real-time network forensics, today announced a revolutionary enhancement to its NetWitness NextGen network security monitoring platform. NetWitness Visualize adds an unprecedented capability to analyze and observe large volumes of rendered network content objects such as audio, documents, images, and video.

Unlike legacy security products that simply rely on log files, netflow or other limited data sets to generate an alert-based method of analysis – NetWitness harnesses the forensics power of a full packet capture infrastructure to provide application layer content and context to the security professional. NetWitness Visualize leverages this recording and deep analytic platform by providing security teams the unique capability to visually zoom in and out of a defined collection of data using their mouse (or fingers with included multi-touch display support), and to drill down and observe exactly what transpired over the course of time or relative to any common reference point.

"Visualize represents an absolute breakthrough in the way security users can query and interact with data from recorded network traffic," said Tim Belcher, Chief Technology Officer of NetWitness. "With this new solution at their fingertips, users can quickly and efficiently scan through large volumes of objects captured by NetWitness, render a visual timeline of an event, deeply interrogate and review all the related activity, and understand all the rich metadata associated with each object. Visualize will help security teams get the definitive answers they need faster, and help them to make smarter risk management decisions."

Visualize enables users to leverage all the rules, keyword searches, and other content filters created in NetWitness Informer to further refine and process the presented information. This agile capability drives efficiency and accuracy into any security investigation or incident management activity, such as:

  • Exfiltration of proprietary information: The ability to monitor and examine all images, such as diagrams, schematics, whiteboard drawings, and other images captured by a mobile phone and sent outside the corporate network.
  • Employee investigation and policy management: What documents has an employee downloaded, sent or received during the last 6 months? Was there corporate confidential information in any of the documents, such financial information, released before a quarterly announcement? Has an employee’s productivity improved after being placed on performance review probation?
  • Data leakage monitoring: The ability to create a daily report to inspect every document sent and received over the network during the past 24 hours. The report enables a user to interrogate the collection for corporate policy violations, Internet usage monitoring and other inappropriate activities.

Generally available as part of the release of NetWitness NextGen 9.5 timed for August 2, 2010, this new solution will be formally unveiled at the BlackHat USA 2010 conference in Las Vegas, Nevada, July 28th and 29th. NetWitness will be at Booth #27.


Please enter your comment!
Please enter your name here