Zscaler Traffic Capture
Seamless, cloud-based packet capture for security incident investigations, forensics, and threat detection enhancements.
Easily capture decrypted traffic based on specific criteria within Zscaler policy engines, supporting efficient security forensics without requiring additional appliances.
Access to past traffic content is a must-have
To conduct deep forensic analysis, investigate incidents, review issues that trigger false positives, test new threat signatures against known threat activity, and ensure regulatory compliance, security practitioners and threat researchers need access to traffic that has traversed the Zscaler Zero Trust Exchange™ platform.
Cut down cost and complexity
Decrypt and capture traffic content without a legacy appliance-based solution, saving countless hours and expenditures.
Reduce infrastructure and bandwidth cost
Define policy-level criteria to capture only content associated with risky events, rather than all content, avoiding further added costs.
Safeguard data
Securely store PCAP files in your preferred external storage.
Get secure and seamless access to traffic content
Zscaler Traffic Capture enables you to incorporate capture decisions into existing policies across URL filtering, malware protection, advanced threat protection, firewall and IPS control, DNS control, and file type control.
By defining granular policies and rules for capturing specific traffic content, you can concentrate on packets and full content related to risky events identified by advanced threat and malware detection signatures, threat intelligence, and AI/ML, as well as flexible and specific policy controls.
Better security forensics
Conduct in-depth forensics
Capture some traffic for extended periods to support threat hunting and many forensic/incident response investigation needs
Investigate incidents
Study and replay traffic that might have caused a threat signature or other detection to trigger a false positive
Appraise threat signatures
Test new threat signatures or detections of any kind against known threat activity in real traffic content
Comply with regulations
Capture traffic content to meet regulatory compliance requirements
Experience the power of the Zscaler Zero Trust Exchange
A comprehensive cloud platform eliminates point products and reduces operational overhead.
01 Cyberthreat Protection
Holistic approach to securing users, workloads, and devices
02 Data Protection
Full TLS/SSL inspection at scale for complete data protection across the SSE platform
03 Zero Trust Connectivity
Connect to apps, not networks, to prevent lateral movement with ZTNA
04 Digital Experience Management
Identify and resolve performance issues