Current security countermeasures and approaches may address one or more aspects of the problems above, but most are limited in scope. For example, although IDS can detect certain types of malware and exploits, it will not detect most zero-day attacks and will provide no assistance at all with competitor or appropriate-use-related issues. Likewise, content monitoring (CMF) can fall short when asked to make correlations between malware and data exfiltration activities such as those found in beacon traffic or P2P tunneling exploits.
Q2 solution provides your organization a high level of assurance that PII (personally identified information) is not leaving your network without your knowledge and authority. The solution is an enterprise software framework that captures all network traffic and reconstructs the network sessions to the application layer for automated alerting and monitoring, and interactive analysis and review. Part of the solution approach includes the creation of metadata representations of the full network packet captures. Numerous metadata elements specifically tuned to parse the entire network traffic capture in real time for PII, regardless of the application protocol in use. PII is represented in the metadata in the form of nouns that can act as pivot points for an entire multi-terabyte network collection or data set.