IBM Security QRadar Incident Forensics (QRIF) is designed to help security teams take the next step: collecting and reconstructing the network packet data, including metadata, associated with a suspected network security incident. The technology is a natural complement to IBM's SIEM, which combs through mountains of log events and netflows to identify those worthy of further investigation based on normalization activities. According to the IBM X-Force Threat Intelligence Quarterly to be released next week, in 2013, more than half a billion records of personally identifiable information were leaked through a number of attacks.
Source: https://securityintelligence.com/security-breach-investigate-qradar-incident-forensics/

