Security Experts Worldwide Rely Upon NetWitness(R) Investigator

July 27, 2009

HERNDON, Va., July 27 /PRNewswire/ — NetWitness Corporation, the leading provider of next generation network security monitoring and threat analysis solutions, announced today that over 15,000 security experts across 5,000 organizations in 126 countries are now using NetWitness Investigator, the award-winning, interactive threat analysis application of the NetWitness NextGen(TM) product suite. Launched in November 2008, adoption of Investigator Freeware has expanded rapidly among enterprise users, network security training organizations and technology consulting firms. Hundreds of new users per week join the NetWitness Freeware community.

“All NetWitness solutions provide a truly revolutionary way to view network activity,” said Tim Belcher, Chief Technology Officer (CTO) of NetWitness. “NetWitness Investigator is unique because it works as both the front-end application for our distributed, real-time enterprise solution, and it also has the ability to process locally imported or captured network data in this same groundbreaking way. We wanted to put this powerful capability into the hands of every security professional and let them experience for themselves the power our solution provides.”

Existing security products lack the agility, breadth and depth to provide adequate network visibility to tackle advanced persistent threats and complex data exfiltration problems because they rely on signatures or statistics, operate mostly at the network layer, or are based upon incomplete information obtained from log files. Leveraging the power inherent in full packet capture and deep session analysis from the network to the application layer, NetWitness offers security operations staff, auditors, and fraud and forensics investigators the power to perform unprecedented free-form contextual analysis instantly, on days or weeks of network traffic. This free version of Investigator permits users of all experience levels this same ability on locally stored or captured traffic, along with fully reconstructed network traffic.

Added Belcher, “When we released Investigator Freeware in November, we hoped the community would appreciate the contribution and that we would find a home in the toolkits of some of the leaders in information security. However, this explosive growth represents nothing short of widespread and grassroots adoption by all levels of security practitioners. We are working hard on additional development and have redoubled our efforts to continue to lead the way with many enhancements and new features.”

Numerous security experts have blogged, tweeted and even created their own videos regarding the power of NetWitness Investigator. For example:

Rocky DeStefano, Decurity Blog (http://blog.decurity.com): “I’ve previously blogged about what I think about critical success criteria for security operations and incident response, and that within the collection activities of the SOC, very little has more importance to me than full packet capture. In a couple of very large organizations I support, I’ve been lucky enough to have NetWitness as the tool we use to support those needs. Now the rest of the world can start to look at this fantastic technology for their network analysis purposes.”

Richard Stiennon, ThreatChaos Blog (http://threatchaos.com): “The Investigator tool sold by NetWitness allows you to reconstruct user sessions from captured network traffic. You can imagine how useful that is if you were involved in an employee termination case, investigating abuse of network resources, or suspected an internal hacker. Just capture a day’s traffic, analyze everything from or to the target in a graphical, easy-to-use interface, and you have your evidence. No more reconstructing sessions one by one, correlation analysis, or pouring through log files.”

Dragos Lungu, Security Tools and Tips (http://www.dragoslungu.com): “I found the most impressive network forensics tool ever. It takes a radically new approach on raw traffic analysis by recomposing all the network sessions and presenting an array of nouns, verbs and adjectives related to the captured data. Forget the pain to go through the hex representation of packets or to manually correlate packets and sessions. Once the data file has been loaded, you have full access to all attributes of the data captured, from layer 1 to layer 7. In 10 seconds, I was able to reconstruct all kinds of TCP sessions, from dropped spam mail (displayed as formatted email), to IM (shown as conversations) and even Twitter updates. Overall, this is the coolest tool I’ve seen in a very long time. It’s like the Matrix scene when Neo gets to see the matrix itself, beyond the VR / agent Smith. NetWitness Investigator gives you this ability to extract intelligence from raw network packets in a second.”

Prior to Investigator, network analysis was a painfully slow process, largely relegated to a time consuming packet by packet review. Even various commercial software solutions designed to enhance analysis of capture files, often costing thousands of dollars, did little but more than produce statistics and antiquated bar charts. Investigator allows users to identify and resolve many of their most complex security problems in seconds, and allows for informed security decisions and accelerated problem resolution.

The fully functional and licensed version of NetWitness Investigator is available for free at: http://download.netwitness.com.

NetWitness operates an Investigator Community Forum in which users can share information related to use cases and customized rule sets. To further educate this community, NetWitness hosts free advanced training Webcasts regarding techniques for leveraging the capabilities and functionality of Investigator. NetWitness will offer the next Investigator Freeware Webcasts on August 19th and September 23rd and an on-demand educational Webcast is available on the NetWitness download Web site. An introduction to NetWitness Investigator is also available on our YouTube channel at: http://www.youtube.com/netwitness.

About NetWitness Corporation

NetWitness(R) Corporation provides patented and award winning, next generation security solutions that help government and private organizations discover, prioritize and remediate complex IT risks. Users of NetWitness NextGen(TM) and InSight(TM) solutions concurrently solve a wide variety of information security problems including: advanced persistent threat management; sensitive data discovery and advanced data leakage detection; malware activity discovery; insider threat management; policy and controls verification and e-discovery. Originally developed for the US Intelligence Community, NetWitness has evolved to provide enterprises around the world with breakthrough methods of network content analysis and host-based risk discovery and prioritization. NetWitness customers include Defense, National Law Enforcement and Intelligence Agencies, Top US and European Banks, Critical Infrastructure, and Global 1000 organizations. NetWitness has offices in the U.S. and the U.K. and partners throughout North and South America Europe, the Middle East, and Asia.

To download the freeware version of NetWitness Investigator, visit http://download.netwitness.com. For more information about securing your entire organization with NetWitness NextGen(TM), contact: sales@netwitness.com. Twitter handle: NetWitness

SOURCE NetWitness Corporation

Source: newswire

comments powered by Disqus