Packet captures give you the details you need to solve problems
Packet captures contain the details you need to solve network and cybersecurity issues faster. However, they can be difficult to work with and have a reputation for requiring specialized knowledge.
We believe that anyone can use pcaps! These articles, videos, and resources from experts in the industry can help get you started.
Packet capture training resourcesPractical information for pcap analysis
Articles
5 tips to improve incident response using packet captures
February 03, 2021 · 5 min read
When an attack happens, the packet data that flows across the network is critical to the incident response lifecycle. Here's 5 tips to greatly improve the success of your security operations using pcaps along with tools like Zeek and Suricata.
Articles
Learning how to Troubleshoot WiFi
February 05, 2021 · 3 min read
Now that we have our new Aerohive APs in our office, we’ve been excited to learn more about wireless troubleshooting and debugging. The built-in packet capture feature in HiveManager NG makes getting traces into CloudShark for analysis really easy. Now that we have the traces, what do we do with them?
Articles
Tips for Troubleshooting Encrypted Web Applications
February 02, 2021 · 5 min read
As security and privacy become more important every day, the use of encrypted connections between clients, servers, and peers has been increasing at an amazing rate. With efficiency improvements to secure technologies like TLS 1.3 and easier methods to obtain certificates like LetsEncrypt, this number is only going to grow.
Articles
Getting started with packet analysis for network and security issues
February 04, 2021 · 4 min read
Where do I start with packet capture analysis? Here are some expert resources from our colleagues in the network and security industry answering the most common questions we get about packet analysis at QA Cafe.
Articles
What are some easy to use packet capture tools?
February 04, 2021 · 5 min read
A common question we get other than where to find example packet captures is which packet capture tools exist that are either free, work in a command line, work directly with CloudShark, or all of the above. Here’s a list of our go-to capture tools (other than Wireshark of course) and the different scenarios in which they can be used.
Articles
It's not the network - troubleshooting slow apps with packet captures
February 04, 2021 · 5 min read
Is it the network, or the application? This question is so common that “it’s not the network” is a meme among IT professionals and developers alike.
Articles
Using Follow Stream for Packet Capture Analysis
February 04, 2021 · 6 min read
When getting to the heart of an application or security problem, finding the right TCP stream and following it using the “Follow TCP Stream” view in CloudShark is usually the place you want to get to in order to see an issue in action, for a great many use cases. But how do you find the right stream, and what should you look for once you’re viewing it?
Articles
Where can I find sample packet captures?
February 05, 2021 · 2 min read
CloudShark’s capture repository is great for uploading your own captures and building a complete list of your network capture history and all of the captures that are most important to you. But, one of the most frequent questions we get is “Where can I find sample packet captures?“”
Webinars
Cutting Through Network Forensic Data With Zeek
February 08, 2021 · 1 min read
Zeek (formerly Bro) is a powerful tool trusted by networking and cybersecurity experts for analyzing network traffic. By creating collated, organized records of network activity (called “logs”), Zeek gives the network analyst a new approach when dissecting and investigating traffic.
Webinars
Profiles Are Power - Best Practices for Network Problem Solving
February 08, 2021 · 1 min read
Betty DuBois gives an in-depth look at how profiles can help you solve your packet capture problems faster by cutting through the hard work and helping experts and entry-level analysts work together.
Articles
New ways to analyze network traffic with Suricata
September 13, 2021
In this article, we explore what Suricata is, what it does, and some of the new and interesting ways we use Suricata in CloudShark, CDRouter, and PassPort.
Webinars
Making the Internet Safer: How and Why We Use Suricata to Analyze Network Traffic and Test Network Devices
October 06, 2021
Whether you are a network product developer, network operator/ISP, or on a network/security operations team, learning about open-source Intrusion Detection System platforms like Suricata will help you! Watch our video to learn what it is how we use it in our products at QA Cafe.
Articles
Packet capture use cases for operators and ISPs
November 08, 2021
What are some of the best ways that operators can gather and record network packets? What should you do as a vendor to enable packet capture in your products? What are the best ways to work with captures once you have them?
Articles
Sample captures for QUIC, DoH, CommunityID, WPA3 and other protocols in CloudShark 3.10
November 17, 2022
This collection of sample capture files highlights some of the new and updated protocol support included in CloudShark 3.10, including QUIC, DoH, WPA3, JA3, CommunityID, OPUS over RTP, and Wireguard.
Articles
How to write a Wireshark tap plugin in Lua
January 20, 2023
Creating Lua plugins can be very useful to Wireshark and TShark users, and there’s a great community around building them. Here's how we built our Wireless Networks Tap in Lua to use as a useful example when writing your own plugins!
Articles
Using new display filters in CloudShark 3.10+
March 01, 2023
CloudShark 3.10 updates the display filter language, and users may need to update certain filters in their existing profiles. Here are the major changes users should know about and how to best use them!
Articles
About TCP Completeness
May 16, 2023
A new field in CloudShark called "TCP Completeness" calculates which packets of a TCP connection are seen in a PCAP file. This field allows you to determine if the TCP 3-way handshake has been captured while viewing any packet in the connection. This article will explain why it is essential to know if these packets have been captured, how the value for this field is calculated, and how you can use it.
Articles, Videos, Webinars
Keeping PCAPs secure in cloud-managed networks
May 01, 2024
Here are some of the most essential things to consider when deciding how to handle pcaps in your solution and what customers should ask for when considering a cloud-managed network or cybersecurity solution for their organization.
Videos, Webinars
Navigating network and cybersecurity pcap analysis in CloudShark 4.0
February 20, 2025
Watch our webinar and read the article that highlights the new features of CloudShark 4.0, the impact of these updates on enterprise-grade packet analysis, and how CIOs, CISOs, and SOC/NOC leaders can use these enhancements to scale and optimize their network security operation.
Articles, Videos
Why Packet Analysis Still Matters (and Why You’re Running Out of People Who Can Do It)
April 24, 2025
Packet analysis is a critical skillset when network and security problems strike. In this interview with Chris Greer from Packet Pioneer, we explore some of the reasons this skills gap exists and what you can do about it.
Articles
5 tips to improve incident response using packet captures
February 03, 2021 · 5 min readWhen an attack happens, the packet data that flows across the network is critical to the incident response lifecycle. Here's 5 tips to greatly improve the success of your security operations using pcaps along with tools like Zeek and Suricata.
Articles
Learning how to Troubleshoot WiFi
February 05, 2021 · 3 min readNow that we have our new Aerohive APs in our office, we’ve been excited to learn more about wireless troubleshooting and debugging. The built-in packet capture feature in HiveManager NG makes getting traces into CloudShark for analysis really easy. Now that we have the traces, what do we do with them?
Articles
Tips for Troubleshooting Encrypted Web Applications
February 02, 2021 · 5 min readAs security and privacy become more important every day, the use of encrypted connections between clients, servers, and peers has been increasing at an amazing rate. With efficiency improvements to secure technologies like TLS 1.3 and easier methods to obtain certificates like LetsEncrypt, this number is only going to grow.
Articles
Getting started with packet analysis for network and security issues
February 04, 2021 · 4 min readWhere do I start with packet capture analysis? Here are some expert resources from our colleagues in the network and security industry answering the most common questions we get about packet analysis at QA Cafe.
Articles
What are some easy to use packet capture tools?
February 04, 2021 · 5 min readA common question we get other than where to find example packet captures is which packet capture tools exist that are either free, work in a command line, work directly with CloudShark, or all of the above. Here’s a list of our go-to capture tools (other than Wireshark of course) and the different scenarios in which they can be used.
Articles
It's not the network - troubleshooting slow apps with packet captures
February 04, 2021 · 5 min readIs it the network, or the application? This question is so common that “it’s not the network” is a meme among IT professionals and developers alike.
Articles
Using Follow Stream for Packet Capture Analysis
February 04, 2021 · 6 min readWhen getting to the heart of an application or security problem, finding the right TCP stream and following it using the “Follow TCP Stream” view in CloudShark is usually the place you want to get to in order to see an issue in action, for a great many use cases. But how do you find the right stream, and what should you look for once you’re viewing it?
Articles
Where can I find sample packet captures?
February 05, 2021 · 2 min readCloudShark’s capture repository is great for uploading your own captures and building a complete list of your network capture history and all of the captures that are most important to you. But, one of the most frequent questions we get is “Where can I find sample packet captures?“”
Webinars
Cutting Through Network Forensic Data With Zeek
February 08, 2021 · 1 min readZeek (formerly Bro) is a powerful tool trusted by networking and cybersecurity experts for analyzing network traffic. By creating collated, organized records of network activity (called “logs”), Zeek gives the network analyst a new approach when dissecting and investigating traffic.
Webinars
Profiles Are Power - Best Practices for Network Problem Solving
February 08, 2021 · 1 min readBetty DuBois gives an in-depth look at how profiles can help you solve your packet capture problems faster by cutting through the hard work and helping experts and entry-level analysts work together.
Articles
New ways to analyze network traffic with Suricata
September 13, 2021In this article, we explore what Suricata is, what it does, and some of the new and interesting ways we use Suricata in CloudShark, CDRouter, and PassPort.
Webinars
Making the Internet Safer: How and Why We Use Suricata to Analyze Network Traffic and Test Network Devices
October 06, 2021Whether you are a network product developer, network operator/ISP, or on a network/security operations team, learning about open-source Intrusion Detection System platforms like Suricata will help you! Watch our video to learn what it is how we use it in our products at QA Cafe.
Articles
Packet capture use cases for operators and ISPs
November 08, 2021What are some of the best ways that operators can gather and record network packets? What should you do as a vendor to enable packet capture in your products? What are the best ways to work with captures once you have them?
Articles
Sample captures for QUIC, DoH, CommunityID, WPA3 and other protocols in CloudShark 3.10
November 17, 2022This collection of sample capture files highlights some of the new and updated protocol support included in CloudShark 3.10, including QUIC, DoH, WPA3, JA3, CommunityID, OPUS over RTP, and Wireguard.
Articles
How to write a Wireshark tap plugin in Lua
January 20, 2023Creating Lua plugins can be very useful to Wireshark and TShark users, and there’s a great community around building them. Here's how we built our Wireless Networks Tap in Lua to use as a useful example when writing your own plugins!
Articles
Using new display filters in CloudShark 3.10+
March 01, 2023CloudShark 3.10 updates the display filter language, and users may need to update certain filters in their existing profiles. Here are the major changes users should know about and how to best use them!
Articles
About TCP Completeness
May 16, 2023A new field in CloudShark called "TCP Completeness" calculates which packets of a TCP connection are seen in a PCAP file. This field allows you to determine if the TCP 3-way handshake has been captured while viewing any packet in the connection. This article will explain why it is essential to know if these packets have been captured, how the value for this field is calculated, and how you can use it.
Articles, Videos, Webinars
Keeping PCAPs secure in cloud-managed networks
May 01, 2024Here are some of the most essential things to consider when deciding how to handle pcaps in your solution and what customers should ask for when considering a cloud-managed network or cybersecurity solution for their organization.
Videos, Webinars
Navigating network and cybersecurity pcap analysis in CloudShark 4.0
February 20, 2025Watch our webinar and read the article that highlights the new features of CloudShark 4.0, the impact of these updates on enterprise-grade packet analysis, and how CIOs, CISOs, and SOC/NOC leaders can use these enhancements to scale and optimize their network security operation.
Articles, Videos
Why Packet Analysis Still Matters (and Why You’re Running Out of People Who Can Do It)
April 24, 2025Packet analysis is a critical skillset when network and security problems strike. In this interview with Chris Greer from Packet Pioneer, we explore some of the reasons this skills gap exists and what you can do about it.
Talk to an expert
Our team is happy to answer your questions or give you a demo. Drop us a line and we will get in touch!
