Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
For what topic would you like to see training developed? Describe the ways Malcolm can analyze live network traffic: via a sensor device (Hedgehog Linux) or by monitoring local network interfaces.
What format would be best suited for this training? A video
Is there existing Malcolm documentation that could be improved by including this topic? Live analysis