Top Instructors Share Their Expertise ONLINE at SANS - Special Offers Available NOW!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Full Packet Capturing with TShark for Continuous Monitoring & Packet Threat Intelligence via IP, Domains and URLS

  • Friday, May 08, 2020 at 1:00 PM EDT (2020-05-08 17:00:00 UTC)
  • Nik Alleyne

You can now attend the webcast using your mobile device!



Living in a world in which you have to assume breach, makes the thought of detecting threats more antagonizing. Compoundging this agony, is a world in which we have a global pandemic and the threat actors are looking to take advantage of one of humans most recent calamities. Since threat actors do not take time off matters the season or pandemic, it is imperative, we as defenders, have solutions in place to quickly detect their activities.

Considering the preceding, this webcast will touch on why full packet capture is important. We will provide a Python consisting of two scripts you can be use to make analysis of your packets a bit easier.

Speaker Bio

Nik Alleyne

Nik has over 18 years in IT, with the last 10 being more focused on Security. He is currently employed as a Director Business Development, for a Managed Security Services Provider (MSSP), where he is responsible for leading multiple teams supporting various security technologies including IDS/IPS, Anti-Malware tools, proxies, firewalls, SIEM, Cloud, WAF, etc. He also works with local colleges through their co-op programs, to aid in the development of their cyber security students.

He is also a SANS Instructor, teaching both the SEC503: Intrusion Detection In-Depth & SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling. Additionally, he also authored the book "Learning By Practicing - Hack & Detect: Leveraging the Cyber Kill Chain for Practical Hacking and its Detection via Network Forensics" and during his free time actively writes on his blog at

His academic credentials include a MSc Cyber Security Forensics, BSc Computer Science, along with PG Cert (Hons) specialization in VoIP and Wireless Broadband. He currently holds (and or held) various industry certifications such as CISSP, GCIA, GCIH, GCFA, CCNP Security and R&S, CCMSE +VSX, SFCA, SFCE, SWSE, MCSE, MCITP/EA, BCCPA,IBM Certified Deployment Professional - Security QRadar SIEM V7.1, ITIL, ISO9001 Internal Auditor, Splunk Admin/Knowledge Manager, etc.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.