SANS: Packet Analysis with Jake Williams - Series 2

In series two, Jake looks at typical incident response scenarios and demonstrates how packet data can provide definitive evidence of exactly what took place. 

Introducing Jake Williams

Packet Analysis with Jake Williams

In this video series, SANS Instructor, US Army veteran, and experienced cybersecurity practitioner "Malware Jake" Williams explains how, with access to packets, you can be certain whether a threat or attack has succeeded, and how. Alternatively, you can know for sure that a threat was not successful. Along the way, he demonstrates how packet data can provide an invaluable resource for threat hunting.

Looking at each of these scenarios, Jake demonstrates: 

  • How to prove the negative
  • Closing the logging gaps 
  • Using packet analysis to identify false positives
  • Why packet capture is important for Zero Trust

This is an ideal series of videos for those new to packet analysis and network forensics. But even experienced packet analysts will be sure to learn something new.

 

 

Episode 1: How to prove the negative - no we didn't breach you.


Episode 2: Closing the logging gaps


Episode 3: Using packet analysis to identify false positives


Episode 4: Why packet capture is important for Zero Trust


Who is Endace?

Endace specializes in scalable, high-speed, high-performance packet capture. Our solutions are used by some of the world’s biggest organizations on some of the fastest networks on the planet.

If you are looking for a packet capture solution, we’d love to show you why Endace is the best choice. Contact us to book a demo or ask a question.
