Are you doing Full-Packet Captures or collecting and analyzing NetFlow data?

The Driver Behind This

Full Packet Captures (FPCs) and NetFlow are probably the most important data you will need during an incident. FPCs contain all of the data; think of them like a DVR. FPCs record all communications over a network. FPCs allow you to reconstruct network activity between systems, allowing you to “re-play the …