Brad Duncan

Brad is a currently a Threat Intelligence Analyst for Palo Alto Networks Unit 42. Brad specializes in network traffic analysis. He is also a handler for the Internet Storm Center (ISC) and has posted more than 130 diaries at Brad routinely blogs technical details and analysis of infection traffic at, where he provides traffic analysis exercises and over 1,500 malware and pcap samples to a growing community of information security professionals.

The speaker's profile picture


Traffic Analysis Workshop

This workshop uses Wireshark to investigate Windows-based malware activity. Participants review packet captures (pcaps) of network traffic based on alerts from an Intrusion Detection System (IDS).