all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Packet Analysis for Threat Hunting

Add to bookmarks
May 5, 2023, 1:09 a.m. | /u/Fun_Chest_9662

cybersecurity www.reddit.com

To all the Packet heads and Threat Hunters out there, what is the general flow you have when initially investigating captures or live traffic? Brim, zeek, snort, wireshark? Or do you run them through a SIEM like security onion or splunk?

Just wanting to stir up some conversation and learn how others approach the task.

Edit: the questions mostly for individual fun or practice cases. Feel free to add business cases too! All are good to know!

analysis brim conversation cybersecurity flow general hunters hunting learn live onion packet run security siem snort splunk stir task threat threat hunting traffic what is wireshark zeek

Visit resource

More from www.reddit.com / cybersecurity

New Cuttlefish malware infects routers to monitor traffic for credentials 2 hours ago | www.reddit.com
credentials cuttlefish cuttlefish malware cybersecurity +4
Shortridge Makes Sense of the 2024 Verizon DBIR 7 hours ago | www.reddit.com
big cybersecurity dbir fan +2
CISA Releases Fact Sheet on Defending OT Environments 8 hours ago | www.reddit.com
cisa cybersecurity defending environments +3
For those actively in the job market and having trouble, what specifically is the hardest … 10 hours ago | www.reddit.com
bad current cybersecurity experience +9
Dropbox Says Hackers Breached Digital-Signature Product 10 hours ago | www.reddit.com
breached cybersecurity digital dropbox +3
Creating a breach search website? 15 hours ago | www.reddit.com
breach breached breaches companies +11
Is it normal to see your tools lie? 16 hours ago | www.reddit.com
alert cybersecurity dig expect +10
Remediation Timelines for different types of Network Devices 17 hours ago | www.reddit.com
best practices business business continuity challenges +16
Need to vent. Mantrap to be used as auxiliary office… 20 hours ago | www.reddit.com
cybersecurity intern key leadership +7

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Premium Hub - CoE: Business Process Senior Consultant, SAP Security Role and Authorisations & GRC

@ SAP | Dublin 24, IE, D24WA02
View on infosec-jobs.com

Product Security Response Engineer

@ Intel | CRI - Belen, Heredia
View on infosec-jobs.com

Application Security Architect

@ Uni Systems | Brussels, Brussels, Belgium
View on infosec-jobs.com

Sr Product Security Engineer

@ ServiceNow | Hyderabad, India
View on infosec-jobs.com

Analyst, Cybersecurity & Technology (Initial Application Deadline May 20th, Final Deadline May 31st)

@ FiscalNote | United Kingdom (UK)
View on infosec-jobs.com
View more jobs