IBM? QRadar? Incident Forensics allows you to retrace the step-by-step actions of a potential attacker and quickly and easily conduct an in-depth forensics investigation of suspected malicious network security incidents. It reduces the time it takes security teams to investigate QRadar offense records, in many cases from days to hours—or even minutes. It can also help you remediate a network security breach and prevent it from happening again. IBM QRadar Packet Capture appliances are also available to store and manage data if no other network packet capture (PCAP) device is deployed.