Zscaler Traffic Capture
Seamless, cloud-based packet capture for security incident investigations, forensics, and threat detection enhancements.
Easily capture decrypted traffic via specific criteria within Zscaler policy engines - supporting efficient security forensics without requiring additional appliances.
Access to past traffic content is a must-have
To conduct deep forensic analysis, investigate incidents, review issues that trigger false positives, test new threat signatures against known threat activity, and ensure regulatory compliance, security practitioners and threat researchers need access to traffic that has traversed the Zscaler Zero Trust Exchange™ platform.
Reduce time, effort, and cost to capture traffic content
Get secure and seamless access to traffic content
Zscaler Traffic Capture enables you to incorporate capture decisions into existing policies across URL filtering, malware protection, advanced threat protection, firewall and IPS control, DNS control, and file type control.
By defining granular policies and rules for capturing specific traffic content, you can concentrate on packets and full content related to risky events identified by advanced threat and malware detection signatures, threat intelligence, and AI/ML, as well as flexible and specific policy controls.
Better security forensics
Capture some traffic for extended periods to support threat hunting and many forensic/incident response investigation needs
Study and replay traffic that might have caused a threat signature or other detection to trigger a false positive
Test new threat signatures or detections of any kind against known threat activity in real traffic content
Capture traffic content to meet regulatory compliance requirements