Software Engineering Institute

This course introduces you to network flow analysis using the CERT open source SiLK tool suite. Network flow analysis enables retrospective analysis of a network's traffic to help with forensic analysis, passive network profiling, and threat discovery.

Network flow analysis benefits from the very long retention of flow data due to the extremely small size of flow records, allowing examination of traffic going back much further in time than is possible with analysis of full-packet capture. Network flow analysis also helps you solve many privacy issues inherent in packet analysis.  The SiLK tool suite is uniquely suited to analyzing extremely large networks with massive amounts of traffic.