all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

When does IR teams typically perform network forensics during an incident?

Add to bookmarks
May 10, 2024, 1:50 a.m. | /u/movement2012

cybersecurity www.reddit.com

I thought incidents had already happened, so there should only be a few network-related artifacts left unless attackers are still active in the system and you are lucky enough to be able to capture them.

- When do you capture traffic?
- How do you capture it?
- Do you only analyze malware traffic from the sample?
- Do you rarely do network forensics nowadays?

artifacts attackers capture cybersecurity forensics incident incidents network network forensics system teams thought traffic

Visit resource

More from www.reddit.com / cybersecurity

Two students uncovered a flaw that allows to use laundry machines for free 6 hours ago | www.reddit.com
cybersecurity flaw free laundry machines +3
The Fall of the National Vulnerability Database 9 hours ago | www.reddit.com
cybersecurity database national national vulnerability database +2
What is the downside of using very long, random passwords, and just requesting a password … 9 hours ago | www.reddit.com
cybersecurity email leaked log +10
Senior Cybersecurity Analyst Interview Questions 18 hours ago | www.reddit.com
analyst ask coming cybersecurity +5
CloudFlare IP Range 18 hours ago | www.reddit.com
attention case cloudflare cybersecurity +7
Game plan for the rest of the year. 19 hours ago | www.reddit.com
aim aws center certification +17
CISA Warns of Actively Exploited D-Link Router Vulnerabilities - Patch Now 22 hours ago | www.reddit.com
actively exploited cisa cybersecurity d-link +5
What good international certifications could you recommend? 22 hours ago | www.reddit.com
certification certifications continue cybersecurity +6
OT Security resources for beginners 1 day ago | www.reddit.com
cybersecurity

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Senior Application Security Engineer

@ Austin Community College | HMO99: Field Office - MO Remote Location, Remote City, MO, 65043 USA
View on infosec-jobs.com

Sr. Information Assurance Security Analyst

@ SMS Data Products Group, Inc. | San Antonio, TX, United States
View on infosec-jobs.com

Product Cybersecurity Test Infrastructure Engineer (Remote)

@ SNC-Lavalin | HCT99: Field Office - CT Remote Location, Remote City, CT, 06101 USA
View on infosec-jobs.com