Network Traffic Analysis tools have been used for a long time to help improve efficiencies in enterprise networks. It has recently been employed as an arm of cybersecurity too. The logic of using traffic analysis in cybersecurity is solid, but the reality is different. Even a small to medium-sized enterprise is going to generate three or four billion traffic logs per month. It then crunches those billions of events in the log using finely tuned algorithms that look for patterns associated with an ongoing attack or an advanced persistent threat (APT)”]
Source: https://www.csoonline.com/article/3212950/patrolling-network-traffic-with-secbi.html