Building a Data Lake for Threat Research
Not long ago the thought of storing every DNS query, SSL certificate, HTTP transaction, and netflow record on a traditional enterprise network for an unlimited period »
In the recent post Triaging Large Packet Captures - 4 Key TShark Commands to Start Your Investigation, I discussed some areas to begin investigating a large »
Triaging large packet captures is a daunting task, even for the most seasoned security analysts. With a mountain of data and few leads, analysts need to »