I've previously written about using NetworkMiner and Wireshark at the network edge. There is another tool that makes threat hunting easier still, and that is Brim.
When capturing as described above with Wireshark, save the capture file to disk and then open it in Brim.
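As an added example (not from the original post, and not Brim's or Wireshark's own tooling), the shell script below automates the capture-then-open step: it records traffic with dumpcap, Wireshark's capture engine, writes classic pcap to disk, and checks the file's magic number so you know what format you are handing to Brim before loading it. The interface name, output path and duration are assumptions; adjust them for your edge device.

```shell
#!/bin/sh
# Added example, not part of the original post.
# Assumes dumpcap (shipped with Wireshark) is on PATH and the caller
# has capture rights on the interface.

# Classify a saved capture by its first four bytes so you know what Brim
# is getting. Prints one of: pcap, pcap-nano, pcapng, unknown
capture_format() {
    magic=$(od -An -N4 -tx1 "$1" | tr -d ' \n')
    case "$magic" in
        d4c3b2a1|a1b2c3d4) echo pcap ;;       # classic pcap, either endianness
        4d3cb2a1|a1b23c4d) echo pcap-nano ;;  # pcap with nanosecond timestamps
        0a0d0d0a)           echo pcapng ;;    # pcapng section header block
        *)                  echo unknown ;;
    esac
}

# Capture on $1 for $3 seconds (default 60) and save to $2.
# -P writes classic pcap instead of Wireshark's default pcapng;
# -a duration:N stops the capture automatically so it can run unattended.
capture_to_disk() {
    iface=$1
    out=$2
    secs=${3:-60}
    dumpcap -i "$iface" -P -a "duration:$secs" -w "$out"
}

# Usage: ./capture.sh <interface> <output.pcap> [seconds]
# Afterwards open the reported file in Brim (File > Open, or drag it in).
if [ "$#" -ge 2 ]; then
    capture_to_disk "$1" "$2" "$3" && \
        echo "saved $2 ($(capture_format "$2")), ready for Brim"
fi
```

Wireshark's GUI saves pcapng unless told otherwise, so the format check is worth keeping even if you capture interactively: it tells you at a glance whether the file on disk is what you expect before Brim runs Zeek over it.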
Ronald works connecting Internet inhabiting things at Fusion Broadband.
This article was previously published over on LinkedIn: The packet capture monkey wrench for hunting threats