PCAPS Or It Didn't Happen - Corey Thuen - PSW #654

43:01
 
By Paul Asadoorian and Security Weekly.

Threat hunting activities often require packet capture analysis, but capturing and storing PCAP at scale is rough. This segment covers open source tools for collecting packet captures on demand within a threat hunting use case in Gravwell.

To learn more about Gravwell, visit: https://securityweekly.com/gravwell

To check out Packet Fleet, visit: https://github.com/gravwell/ingesters/tree/master/PacketFleet

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://wiki.securityweekly.com/PSWEpisode654
