摘要 |
An integrated network flow and security information management system and method is provided, more particularly, an integrated network flow and security information management system and method which leverages a process of superimposing and cross referencing common events and attributes in order to increase the speed of searches, completeness of searches and size of dataset (flow data). In particular, the process of superimposing may increase the amount of information that can be processed, while accelerating the search, thereby providing the user with more responsive acts of pivoting and scoping leading to a more complete response to network errors and threats. |