Organizations depend on security tools to alert to potentially malicious behavior and proactively block unauthorized communications. However, persistent attackers find ways to circumvent security controls leaving organizations blind to advanced attacks. Network traffic analysis (NTA) is the process of collecting, storing, and analyzing network traffic in order to detect and respond to security threats. Security Information and Event Analysis (SIEM) and packet capture tools help organizations correlate disparate events within their environments and make it difficult for attackers to extract data.

Additional Resources:

CryptoKait – https://cryptokait.com/workshops/ncl-coaching-guide/ncl-coaching-guide-resources-by-category/network-traffic-analysis/