Collect forensic data

Why it matters

Majority of cybersecurity solutions focus on detection and protection. While this is a necessary first step in stopping the attacks it is also just that, a first step. Often the hard work, finding out what has happened or what is going on starts after the initial alert. The common challenges responders face:

  • Finding out the context and details of the alert is a manual process of combing through disparate data sources
  • Necessary data may be unavailable altogether
  • Associating relevant forensic data to original alert is time consuming detective work

How we can help

  • SensorFleet supports forensic data collection and detection with comprehensive set of Instruments like Traffic Recorder, Netflow and PassiveDNS
  • Forensic data will be collected automatically and close to the source that triggers an alert
  • Data collection triggered by SensorFleet detection Instruments will be automatically associated with the alert
Forensic data collect

Bigger picture

Combining forensic data collection and detection with the automatically generated context information accelerates incident investigation. Forensic data, while centrally manageable, is stored locally on the Sensors. This protects the integrity of the network segregation, saves bandwidth and enables granular data retention policies.

Judging by the raw numbers of tools we placed in each category based on their primary functions, vendors are primarily selling tools in the “protection” and “detection” categories… There’s a lot of room in helping organizations with the identification, response and recovery categories.
Previous use case Detect lateral movement Next use case Discover network connections

Contact us

Privacy policy »

© SensorFleet Oy
Business ID: 2884312-2


SensorFleet Oy
c/o Kielo Growth Oy
Teknologiantie 18
90590 Oulu

Sami Petäjäsoja
+358 40 5030745


SensorFleet Oy
Lapinlahdenkatu 16
Building 15
00180 Helsinki

Simo Mäkipaja
+358 40 583 3999