Using Wireshark for Incident Response and Threat Hunting

This workshop will take students’ Wireshark skills to the next level, with a heavy emphasis on incident response, threat hunting, and malicious network traffic analysis. We will begin with a brief introduction to Wireshark and other Network Security Monitoring (NSM) tools and concepts. Placement, techniques, and collection of network traffic will be discussed in detail. Throughout the day, we’ll examine what different attacks look like in Wireshark, which can improve both Red Team and Blue Team skills. Students will then have hands-on time in the lab to search for Indicators of Compromise (IOCs) and a potential breach of the network.

Presented by