Download NetWitness Investigator Software

Release Date: 11/17/2008
Version: 8.6.4.9
File Size: 31.6MB


NetWitness® Investigator is the award-winning interactive threat analysis application of the NetWitness NextGen product suite. Investigator provides security operations staff, auditors, and fraud and forensics investigators the power to perform unprecedented free-form contextual analysis of raw network data.

You need to always know what is really happening on your network and have the power to drill into network and application layer session attributes on the fly. NetWitness Investigator is the only product that gives you the deep knowledge contained in full packet capture and session analysis and the capability to move mountains of data in just a few easy clicks.


Read the NetWitness Investigator EULA

Product Features:

  • Captures raw packets live from most wired or wireless interfaces
  • Imports packets from any open-source, home-grown and commercial packet capture system (e.g. .pcap file import)
  • License supports 25 simultaneous 1GB captures – far exceeding data manipulation capabilities of packet tools like Wireshark
  • Real-time, patented layer 7 analytics
    – Effectively analyze data starting from application layer entities like users, email, address, files , and actions.
    – Infinite, free-form analysis paths
    – Content starting points
    – Patented port agnostic service identification
  • Extensive network and application layer filtering (e.g. MAC, IP, User, Keywords, Etc.)
  • IPv6 support
  • Full content search, with Regex support
  • Exports data in .pcap format
  • Bookmarking & history tracking
  • Integrated GeoIP for resolving IP addresses to city/county, supporting Google® Earth visualization
  • NEW! SSL Decryption (with server certificate)
  • NEW! Interactive time charts, and summary view
  • NEW! Interactive packet view and decode
  • NEW! Hash PCAP on Export
  • NEW! Enhanced content views

Minimum system requirements:
NetWitness recommends the following minimum hardware requirements for NetWitness Investigator:

  • Windows® XP, 2003 Server, or Vista 32-bit
  • Single 2Ghz Intel-based processor(Dual-core recommended)
  • 1GB RAM(2GB Recommended)
  • 1 Ethernet Port
  • Internet Explorer v7+ (IE v6.x may limit some functionality)
  • Ample data storage for collected data
  • Note: Linux infrastructure available in commercial versions

For more information regarding NetWitness and NetWitness products please visit www.netwitness.com.

Explore More

Kiddies are trying to Dig to PlanetCreator by sending dummies Trojan?

Today, I got a direct email from [email protected] title with “‘bombing’ Breaking News @ Northern Chan State”. It’s zipped with WinRAR : named NamKham.rar. Inside … namkham bombrcs.doc The SCR

SQLi vulnerabiltiy in irrawaddy store owned by Irrawaddy Publishing Group.

PlanetCreator.Net’s Security Team Member Info Freakzz <infofreakzzz(at)gmail.com> has reported another critical SQL Injection (vulnerability) on http://www.irrawaddystore.com owned by Irrawaddy Publishing Group. These are some information from Vulneral Site http://www.irrawaddystore.com :

Investigate Google’s Gmail, Docs and other products: EPIC Petitions to FTC

Electronic Privacy Information Center (EPIC) a privacy group based in Washington, D.C filed a petition to Federal trade commission to investigate the Google’s cloud computing offerings. They asked FTC to