{"id":2700,"date":"2019-07-15T12:11:21","date_gmt":"2019-07-15T16:11:21","guid":{"rendered":"https:\/\/solutionsreview.com\/security-information-event-management\/?p=2700"},"modified":"2019-07-15T14:09:20","modified_gmt":"2019-07-15T18:09:20","slug":"why-network-packet-captures-should-matter-to-cios-and-cisos","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/security-information-event-management\/why-network-packet-captures-should-matter-to-cios-and-cisos\/","title":{"rendered":"Why Network Packet Captures Should Matter to CIOs and CISOs"},"content":{"rendered":"<p style=\"text-align: justify\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-2562\" src=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/05\/risk-assessment-mod.jpg\" alt=\"Why Network Packet Captures Should Matter to CIOs and CISOs\" width=\"800\" height=\"438\" srcset=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/05\/risk-assessment-mod.jpg 800w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/05\/risk-assessment-mod-300x164.jpg 300w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/05\/risk-assessment-mod-768x420.jpg 768w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/05\/risk-assessment-mod-493x270.jpg 493w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/05\/risk-assessment-mod-148x81.jpg 148w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/05\/risk-assessment-mod-329x180.jpg 329w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\">So what are network packet captures? Why do they matter to modern <a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/siem-buyers-guide-security-information-and-event-management\/\" target=\"_blank\" rel=\"noopener noreferrer\">SIEM<\/a> processes and network security? Why should enterprise CIOs and CISOs care about them?<\/p>\n<p style=\"text-align: justify\">To answer these questions in-depth, we spoke with Jason Walls. Mr. Walls serves as Director of Technical Marketing for <a href=\"https:\/\/cloudshark.io\/\" target=\"_blank\" rel=\"noopener noreferrer\">CloudShark<\/a>, a QA Cafe LLC product. CloudShark offers a collaboration platform for packet analysis, troubleshooting, and investigation.<\/p>\n<p style=\"text-align: justify\">Take it away, Mr. Walls!<\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\"><br \/>Widget not in any sidebars<br \/><\/span><\/p>\n<h2 style=\"text-align: justify\"><strong>Why Network Packet Captures Should Matter to CIOs and CISOs<\/strong><\/h2>\n<p style=\"text-align: justify\">By Jason Walls<\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Network security has never been more important; network visibility demands have seen a huge increase as networks become virtualized and more complex.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Currently, Network and Security Operations Center (NOC and SOC) teams count every minute when troubleshooting performance problems or hunting down malicious activity. As technology has improved, more organizations have turned towards analytics, AI, and automation in order to manage this complexity and reduce dwell time.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Many of these tools are based around high-level \u201cdashboard\u201d style systems for network visibility or security monitoring. For example, automated Intrusion Detection Systems (IDS) that apply threat rules to flag malicious activity have become the norm, and are becoming more advanced every day. Indeed, the competition is high as security software companies (\u201cas a service\u201d or otherwise) seek to capture this ever growing and important market.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">The gains achieved by CIOs through automation and analytics cannot be understated. However, the need for teams to view and analyze network data directly becomes even more critical as automation becomes relied upon more heavily.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">This information, in the form of network packet captures, provides the evidence and detail necessary for experts to conclusively resolve issues. Expertise in capture analysis, however, is an esoteric field, and often overlooked by CIOs and CISOs when considering their entire IT or security workflow. Properly realized as the valuable resource they are, giving your teams easy access to packet captures will have your teams solving problems faster and more reliably.<\/span><\/p>\n<h2 style=\"text-align: justify\"><b>What are Network Packet Captures?<\/b><\/h2>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Network packet captures, colloquially known as \u201cpcaps\u201d, are a standardized way to record network data from a network interface.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">The \u201cpcap\u201d term comes from the file format generated by the \u201clibpcap\u201d library, which is still used today by nearly any tool that generates network traces. Pcaps contain a record of all of the packets that traversed a given interface, plus additional metadata to aid the use of analysis tools. For example, applications that generate packet captures include tcpdump and Wireshark.<\/span><\/p>\n<div id=\"attachment_2701\" style=\"width: 670px\" class=\"wp-caption alignleft\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-2701\" class=\"wp-image-2701 size-large\" src=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/07\/packet-capture-data-cs-traceframe-1024x580.png\" alt=\"packet captures Jason Walls\" width=\"660\" height=\"374\" srcset=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/07\/packet-capture-data-cs-traceframe-1024x580.png 1024w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/07\/packet-capture-data-cs-traceframe-300x170.png 300w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/07\/packet-capture-data-cs-traceframe-768x435.png 768w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/07\/packet-capture-data-cs-traceframe-800x453.png 800w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/07\/packet-capture-data-cs-traceframe-1000x567.png 1000w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/07\/packet-capture-data-cs-traceframe-476x270.png 476w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/07\/packet-capture-data-cs-traceframe-143x81.png 143w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/07\/packet-capture-data-cs-traceframe-318x180.png 318w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/07\/packet-capture-data-cs-traceframe.png 1297w\" sizes=\"(max-width: 660px) 100vw, 660px\" \/><p id=\"caption-attachment-2701\" class=\"wp-caption-text\">Example of Packet Capture Data via a CS TraceFrame Window<\/p><\/div>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Network visibility and security monitoring tools can include the ability to generate pcaps either as part of their automated processes or when specifically tasked to do so by a user. The capture generation libraries and applications often include the ability to use filters that help capture packets that are of interest, reducing the \u201cnoise\u201d for later analysis.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Still others generate full captures of line-rate data, using massive amounts of storage to ensure nothing is missed. This latter is usually used in high-risk industries that have rigorous compliance standards.<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>From Automation to Workflow\u2014Why Do Captures Matter?<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Though network visibility, performance, and security monitoring tools have become better at providing automated feedback to NOC and SOC teams, they do not always provide all of the information necessary to correctly identify, resolve, or report on issues.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">All of the information provided has been interpreted in some way by the application. They don\u2019t necessarily show \u201cwhat\u2019s on the wire,\u201d and differences in how that information is interpreted require analysts to dive deeper to get the real answers.<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Uncovering Hidden Performance Issues<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">In network performance monitoring, while automated tools can tell you which systems or applications may be suffering from performance issues, the \u201cwhy\u201d can be hidden within the network data itself.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">For example, the highly performance-sensitive networks in financial trading can see drastic effects from network \u201cmicrobursts,\u201d when systems send data inconsistently, overwhelming network equipment in ways that can\u2019t be identified without looking at packets at the microsecond level.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">In enterprises, the network (and as a result, IT departments) can get blamed for bad experiences of end users in the organization. With an analysis of the packet captures, teams can demonstrate that it was, in fact, \u201cnot the network,\u201d but a poorly designed application or service that is impacting performance.<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Accurate Security Resolution and Reporting<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Packet captures can make the resolution of performance issues vastly more efficient, but they are absolutely critical to security analysis and threat hunting. An event starts with a security alert, but security alerts are only part of the story. Network packet captures can aid in:<\/span><\/p>\n<h4 style=\"text-align: justify\"><b>* Eliminating False Positives<\/b><\/h4>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">IDS systems often rely on standardized threat rules that have been curated by the industry. These rules tend to cast a wide net, looking for anything that might be considered dangerous. Sometimes, this can result in a false positive\u2014a threat alert that turned out to be benign. Having analysts look at the pcaps after the fact can help to eliminate these false positives, allowing the team to tweak the rules or keep track of the issue should it happen again.<\/span><\/p>\n<h4 style=\"text-align: justify\"><b>* Uncovering Well-Hidden Attacks<\/b><\/h4>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Some forms of attack can\u2019t be detected by an IDS. For example, quirks in TCP or differences in the way hosts and monitoring applications handle network data can allow attackers to hide their activity, or trick browsers into loading malicious websites. Differences in the way that operating systems handle TCP will make attacks like this go unnoticed if an analyst is simply looking at the reassembled data stream.\u00a0<\/span><\/p>\n<h4 style=\"text-align: justify\"><b>* Enabling Threat Hunting<\/b><\/h4>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">The cybersecurity community does a good job updating the open-source threat rules that many IDS&#8217; use. However, new attack vectors are exploited every day, and SOC teams go through the threat assessment lifecycle to catch these attacks, report them to the organization, and generate new rules for their automated systems, which are sometimes shared back to the cybersecurity community.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">An IDS won\u2019t catch activity it doesn\u2019t know about, and packet capture data is the only way to fully identify, investigate, and remediate a new attack. Additionally, they provide the historical data necessary for retrospective analysis\u2014making sure that what happened didn\u2019t happen before, compromising other systems.<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Making Packet Captures Available to NOC and SOC Teams<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Once an AI tool isolates an issue, pcaps become an integral part of any NOC or SOC workflow, helping them do their jobs more effectively.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">For CIO\u2019s and CISO\u2019s, it\u2019s important to make sure that the tools you choose as part of your overall plan not only include the ability to generate packet captures but allow teams to access them and work with them easily.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">For developers of network visibility and security monitoring tools, especially those built on automation and analytics, it\u2019s a critical value-add to include pcap visibility in an easily accessible and responsive way that doesn\u2019t force your users to leave your application to work with them\u2014doing so will give you a significant competitive advantage. In the end, a greater awareness of pcaps and encouraging methods of using them will make for better networks and more secure organizations overall.<\/span><\/p>\n<p style=\"text-align: justify\"><div class=\"hr hr\"><\/div><\/p>\n<p style=\"text-align: justify\">Thanks again to Jason Walls of <a href=\"https:\/\/cloudshark.io\/\" target=\"_blank\" rel=\"noopener noreferrer\">CloudShark<\/a> for his time and expertise! For more information about cybersecurity capabilities and tools, be sure to also check out our <a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/siem-buyers-guide-security-information-and-event-management\/\" target=\"_blank\" rel=\"noopener noreferrer\">SIEM Buyer&#8217;s Guide<\/a>!<\/p>\n<p style=\"text-align: justify\"><div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/security-information-event-management-vendor-map\/\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1682\" src=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/02\/SIEM_VM_SB.jpg\" alt=\"Download Link to SIEM Vendor Map\" width=\"800\" height=\"100\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div><\/p>\n","protected":false},"excerpt":{"rendered":"<p>So what are network packet captures? Why do they matter to modern SIEM processes and network security? Why should enterprise CIOs and CISOs care about them? To answer these questions in-depth, we spoke with Jason Walls. Mr. Walls serves as Director of Technical Marketing for CloudShark, a QA Cafe LLC product. CloudShark offers a collaboration [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":2562,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[551,1],"tags":[353,1121,95,86,1125,1123,1122,1124,21,57,22,347,373],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Why Network Packet Captures Should Matter to CIOs and CISOs<\/title>\n<meta name=\"description\" content=\"So what are network packet captures? Why do they matter to modern SIEM processes and network security? Why should enterprise CIOs and CISOs care about\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/why-network-packet-captures-should-matter-to-cios-and-cisos\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Why Network Packet Captures Should Matter to CIOs and CISOs\" \/>\n<meta property=\"og:description\" content=\"So what are network packet captures? Why do they matter to modern SIEM processes and network security? Why should enterprise CIOs and CISOs care about\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/why-network-packet-captures-should-matter-to-cios-and-cisos\/\" \/>\n<meta property=\"og:site_name\" content=\"SIEM Tools &amp; Security Event Management | Solutions Review\" \/>\n<meta property=\"article:published_time\" content=\"2019-07-15T16:11:21+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-07-15T18:09:20+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/05\/risk-assessment-mod.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"438\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Canner\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/why-network-packet-captures-should-matter-to-cios-and-cisos\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/why-network-packet-captures-should-matter-to-cios-and-cisos\/\",\"name\":\"Why Network Packet Captures Should Matter to CIOs and CISOs\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/why-network-packet-captures-should-matter-to-cios-and-cisos\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/why-network-packet-captures-should-matter-to-cios-and-cisos\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/05\/risk-assessment-mod.jpg\",\"datePublished\":\"2019-07-15T16:11:21+00:00\",\"dateModified\":\"2019-07-15T18:09:20+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"So what are network packet captures? Why do they matter to modern SIEM processes and network security? Why should enterprise CIOs and CISOs care about\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/why-network-packet-captures-should-matter-to-cios-and-cisos\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/why-network-packet-captures-should-matter-to-cios-and-cisos\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/why-network-packet-captures-should-matter-to-cios-and-cisos\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/05\/risk-assessment-mod.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/05\/risk-assessment-mod.jpg\",\"width\":800,\"height\":438,\"caption\":\"The Solution Review Compendium of SIEM Articles and Best Practices\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/why-network-packet-captures-should-matter-to-cios-and-cisos\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Why Network Packet Captures Should Matter to CIOs and CISOs\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"SIEM Tools &amp; Security Event Management | Solutions Review\",\"description\":\"Evaluating Enterprise SIEM Systems, Log Management Analytics &amp; SOAR Platforms.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Why Network Packet Captures Should Matter to CIOs and CISOs","description":"So what are network packet captures? Why do they matter to modern SIEM processes and network security? Why should enterprise CIOs and CISOs care about","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/why-network-packet-captures-should-matter-to-cios-and-cisos\/","og_locale":"en_US","og_type":"article","og_title":"Why Network Packet Captures Should Matter to CIOs and CISOs","og_description":"So what are network packet captures? Why do they matter to modern SIEM processes and network security? Why should enterprise CIOs and CISOs care about","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/why-network-packet-captures-should-matter-to-cios-and-cisos\/","og_site_name":"SIEM Tools &amp; Security Event Management | Solutions Review","article_published_time":"2019-07-15T16:11:21+00:00","article_modified_time":"2019-07-15T18:09:20+00:00","og_image":[{"width":800,"height":438,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/05\/risk-assessment-mod.jpg","type":"image\/jpeg"}],"author":"Ben Canner","twitter_misc":{"Written by":"Ben Canner","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/why-network-packet-captures-should-matter-to-cios-and-cisos\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/why-network-packet-captures-should-matter-to-cios-and-cisos\/","name":"Why Network Packet Captures Should Matter to CIOs and CISOs","isPartOf":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/why-network-packet-captures-should-matter-to-cios-and-cisos\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/why-network-packet-captures-should-matter-to-cios-and-cisos\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/05\/risk-assessment-mod.jpg","datePublished":"2019-07-15T16:11:21+00:00","dateModified":"2019-07-15T18:09:20+00:00","author":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"So what are network packet captures? Why do they matter to modern SIEM processes and network security? Why should enterprise CIOs and CISOs care about","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/why-network-packet-captures-should-matter-to-cios-and-cisos\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/security-information-event-management\/why-network-packet-captures-should-matter-to-cios-and-cisos\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/why-network-packet-captures-should-matter-to-cios-and-cisos\/#primaryimage","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/05\/risk-assessment-mod.jpg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/05\/risk-assessment-mod.jpg","width":800,"height":438,"caption":"The Solution Review Compendium of SIEM Articles and Best Practices"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/why-network-packet-captures-should-matter-to-cios-and-cisos\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/security-information-event-management\/"},{"@type":"ListItem","position":2,"name":"Why Network Packet Captures Should Matter to CIOs and CISOs"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website","url":"https:\/\/solutionsreview.com\/security-information-event-management\/","name":"SIEM Tools &amp; Security Event Management | Solutions Review","description":"Evaluating Enterprise SIEM Systems, Log Management Analytics &amp; SOAR Platforms.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/2700"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=2700"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/2700\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/2562"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=2700"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=2700"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=2700"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}