Announcements

CloudShark 3.7 - Unleash the expertise of your entire team with profile management

November 05, 2019 • 3 min read

Introducing profile management

The power of CloudShark has always been in empowering teams to work together. Working with packet captures in a native web environment is not only accelerates network and security analysis - it lets collaboration be a key factor in solving problems.

CloudShark 3.7 brings this idea to its next evolution with profile management. This feature, exclusive to CS Enterprise, allows users to grow and maintain a collection of profiles that can be used as templates, customized, and saved for other team members within your company. As analysis techniques change, so do your profiles. This keeps your entire team in sync, eliminates silos of expertise, and preserves best practices across your organization.

What is a profile?

CloudShark profiles apply a specific set of columns, preferences, decode options, and decryption rules to a packet capture. Applying a profile changes the information shown to you in the packet viewer, letting you control what information you are presented with.

 

profile settings 3 7

CloudShark Profile Editor

CloudShark gives you several column presets for common analysis situations like TCP, HTTP, and WiFi. Custom profiles make your analysis workflow more efficient, customizing your view to solve the problem at hand without additional setup.

With CloudShark 3.7, profiles are now tied to the same easy user/group management that CS Enterprise is known for. Profiles can be applied to a single capture, saved for later use, or shared with an entire group.

Creating and Saving a Profile

Creating and Saving a Profile

The value of profile management

The ability to save and share profiles is extremely powerful and adds real value in a number of key ways.

  • Faster analysis - The ability to apply a profile that you know you will use again and again significantly cuts down on set-up time when doing your analysis.
  • Improved collaboration - The profiles you create help you when sharing analysis across your teams. Profiles let other users view captures in the right context. Administrators can add system-wide profiles for everyone to use. Additionally, users can save and share profiles with their groups. .
  • Powerful customization - Saving profiles gives you the ability to get very specific with your analysis. For example, you can create profiles that apply to specific incidents or problem types, applying the same view when the same problem crops up later.
  • Easier cross training - Profiles are a great way to train new analysts and members of your network and IT teams. Experts can tailor profiles to specific issues and give entry-level team members the tools they need, without time consuming setup, to learn best practices while educating them about networks and security.
  • Future proofing your teams - Perhaps the most powerful use of CS Enterprise’s profile management system is the ability to curate a knowledge base of profiles to make analysis easier for everyone. As new techniques are learned or new standards added to your processes, profiles can be updated and applied to older captures to aid retrospective analysis.
  • Import Wireshark profiles - If you have a favorite profile that you use in Wireshark, or a profile you gained through training or from a capture analysis expert, you can import them (via zip file) into CloudShark.

Taking the next steps

Profile management opens the door to a number of new use cases to make collaborative analysis the way to solve network and security problems. Read the full release notes on CloudShark 3.7 and subscribe to our newsletter for updates as we continue to improve!