Guidance forensics tool now working with SIEM

Guidance Software says its computer forensics tool is now capable of automated collection of data on endpoint devices, including computers and smartphones, based on a security information and event management (SIEM) alert. The Guidance product, EnCase Cybersecurity version 4.3, can now take action to collect forensics data on endpoints after receiving a security alert from the HP SIEM, ArcSight Enterprise Security Manager. According to Anthony Di Bello, Guidance product marketing manager, the goal is to immediately collect forensics data as a security incident may be in progress, perhaps in the middle of the night, if the SIEM issues an alert based on its own compilation of security information from various sources…

More (Network World)

Leave a Comment