As attacks are getting more sophisticated, it is no longer a question of if you are going to be breached but when. Security threat prevention is still effective in blocking the vast majority of threats, but the sheer volume of attacks and associated security events means it is often hard to investigate each event using conventional tools meaning breaches will go unnoticed and uninvestigated. Time is of the essence and any solutions that can help reduce the time it takes to detect breaches and contain threats is extremely valuable. Part of the solution is advanced threat detection where anomalies in network behavior can be detected and linked to security event information to raise the priority of an event. In addition to that, security threat prevention solutions can be enhanced with the ability to provide all the details required to investigate an event faster so more events can be examined quicker. Circumstantial evidence based on flow records and event logs are no longer enough – detailed packet data available on-demand so that all the details can be seen and examined quickly is the only way to get to the hard facts and determine quickly if there is an issue or not.