Using Wireshark for Incident Response and Threat Hunting

BSidesLV 2019

Presented by: Michael Wylie
Date: Wednesday August 07, 2019
Time: 08:00 - 17:55
Location: Training Ground

This workshop will take student’s Wireshark skills to the next level with a heavy emphasis on incident response, threat hunting, and malicious network traffic analysis. We will begin with a brief introduction to Wireshark and other Network Security Monitoring (NSM) tools/concepts. Placement, techniques, and collection of network traffic will be discussed in detail. Throughout the day, we’ll examine what different attacks look like in Wireshark, which can improve both Red Teams and Blue Teams skills. Students will then have hands-on time in the lab to search for Indicators of Compromise (IOCs) and a potential breach to the network.

Michael Wylie

Michael Wylie, MBA, CISSP is the Director of Cybersecurity Services at Richey May Technology Solutions. In his role, Michael is responsible for delivering information assurance by means of vulnerability assessments, cloud security, penetration tests, risk management, and training. Michael has developed and taught numerous courses for the U.S. Department of Defense, Moorpark College, California State Universities, and clients around the country. Michael holds the following credentials: CISSP, CCNA R&S, CCNA CyberOps, GPEN, TPN, CEH, CEI, VCP-DCV, CHPA, PenTest+, Security+, Project+, and more. Michael is responsible for identifying four zero-day vulnerabilities in major tax software in 2018. Twitter: @TheMikeWylie


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats