Traditional computer forensic techniques and tools are inadequate to meet the threats facing today's information infrastructures. Vital systems are taken off-line to secure evidence and assess damage. This activity is generally more costly than the attacks themselves and totally unacceptable in production environments. The traditional approach also does not address the need for real-time decision support capabilities.

As cyber-attacks become more frequent, the inadequacies of current forensic methodologies could severely jeopardize national security. A hybrid approach is required - based on active forensics, adaptive security and integrated with intelligent response capabilities. This improved forensics approach consists of a comprehensive methodology and the necessary support to implement it.

Our approach is cognitive of evidentiary procedure and flexible enough to respond to any cyber-threat. Our model provides a constant forensics presence that becomes an integral part of a total information security program.

S.A.N.E v2.0

All content © Copyright 2001-2004 GETSecure, all rights reserved.