Full Packet Capture Infrastructure Based on Docker Containers

by Mauricio Espinosa Gomez
Sept. 1, 2017 | SANS Institute | free and open source software

Full packet capture systems have become an important piece of any organization's security infrastructure; having an exact picture of events that happened in the past is fundamental for authorized stakeholders who need to identify the cause and effect of relevant incidents. Particularly in IT security, every piece of information that flows through the network is considered a potential risk to the organization. There is no silver bullet to detect or prevent 100% of threats. Attackers are improving their methodologies to circumvent protective