TAP Into Technology | Blog

Erik Hjelmvik

Erik Hjelmvik is an experienced incident handler and software developer who has specialized in network forensics and network security monitoring. Erik is also known in the network forensics community for having created NetworkMiner, which is an open source network forensics analysis tool. NetworkMiner has, since the first release in 2007, become a popular tool among incident response teams as well as law enforcement. NetworkMiner is today used by companies and organizations all over the world and is included on popular live-CDs such as Security Onion and REMnux. Erik is also one of the founders behind the Swedish company Netresec, which is an independent software vendor with spearhead competence in network security monitoring and network forensics. Netresec develops and sells software products specially designed to capture and analyze network traffic on the wire as well as in pcap files.
Recent Posts

SharkFest Europe: A Common Interest to Better Learn How to Analyze Captured Network Traffic

Posted by Erik Hjelmvik on 11/24/16 8:00 AM

For packet geeks like me, the annual Wireshark conference SharkFest is the place to be in order to meet and network with other packet geeks. However, for various reasons I haven't been able to attend SharkFest before. So when my friend Jasper Bongertz mentioned that there was going to be a SharkFest conference here in Europe I felt that this was a chance I just couldn't miss.

Topics: Events & News, Network Visibility/Monitoring, Wireshark

4SICS Conference Recap on Industrial Control Systems

Posted by Erik Hjelmvik on 11/16/15 9:02 AM

I attended the Swedish industrial cyber security conference 4SICS last month, where I also gave a one-day class on analyzing network traffic. 4SICS is the leading Industrial Control System (ICS) security conference in Europe, which brings in speakers and attendees from all around the world.

Here's my summary on the conference and the status of where Europe and the world is at for Industrial Control Systems.

Topics: Network Security, Network Visibility/Monitoring, Industrial Ethernet

Intrusion Detection 101: Rinse and Repeat

Posted by Erik Hjelmvik on 9/14/15 3:19 PM

I am a long-time skeptic when it comes to blacklists and other forms of signature-based detection mechanisms. The information security industry has also declared the signature-based anti-virus approach dead several times during the past 10 years. Yet, we still rely on anti-virus signatures, IDS rules, IP blacklists, malware domain lists, YARA rules etc. to detect malware infections and other forms of intrusions in our networks.

What can I say; the world is truly upside down...

Topics: Hacks and Data Breaches, Network Visibility/Monitoring