PCAP download for investigation?

Hi,

I am looking for ways to download PCAP for a set of transactions for DPI and forensics. I am aware (from the ZenithLive 2019 event) that you guys are planning to release “Retrospective Detection” for similar use cases. Would it be possible to get access to a beta version for us?

Thanks,
Narendra


Tell me more about “Retrospective Detection”?

The retrospective detection/introspection is done via APIs for specific SaaS apps and analyses data at rest for

  1. Content (does the file have CCN, PII info, etc.)
  2. Exposure (is it publicly shared, shared with personal domains, etc.)

and can help with reporting and also remediate exposure violations.

It is not done inline and hence cannot capture a pcap.

This is not what I heard at Zenith Live. Deepen Desai presented Retrospective Detection during the conference and mentioned that 3-6 months' worth of log data is analyzed retrospectively for any malicious activities.

PCAP: does Zscaler have plans to roll out Digital Experience (ZDX)? If ZDX implements a security analyst experience, the ability to analyze packets is a natural outcome of that?

Hi @narendra.ramakrishna, correct, we presented the Retrospective Threat Detection product concept, in which we correlate today’s threat intel (Zscaler or customer) against historical logs. We are currently investing internally the architecture and requirements for this product.
