PCAP Snapshots




  • Official comment
    Guy Duchatelet

    Hi Raymond,

    We have now released our new incident user experience and are rolling it out in batches to our customers, which includes PCAP export. If you are interested in being upgraded to this new experience early, please let us know and we can add you in our early batches of the customer upgrade plan.

    Information on PCAP exports can be found in the PCAP Export section of the Incident Console Features knowledge base article.

  • Avatar
    Abby Kincer

    Thank you for the feedback, Raymond! I'm submitting this request to our Product team and we'll notify you here when we have any updates.

  • Avatar
    Guy Duchatelet

    Hi Raymond

    We are working on a complete revamp of our incident handling user experience, which will also include improvements on the drilldown into event payload in the case of network intrusion event driven incidents. We are planning on different decoding views and ability to export PCAP, leveraging lessons learned from what our internal SOC analysts value in working with intrusion events.

    We will have details on the planning and release of this capability shortly, but i can tell you we are actively working on this feature as we speak. 

  • Avatar
    Guy Duchatelet

    Hello Raymond,

    I wanted to give a quick update on your request regarding PCAP export. As I mentioned in my last update, we have been working on this feature for some time. We are currently in the validation phase. This is part of a larger overhaul of our incident user experience and therefor needs a lot of vetting before we can roll it out. Our plan is to start rolling this out across the customer-base, starting in August - we will spend most of July finalizing, polishing and vetting the new UI, and then will have a gradual roll-out across our full customer-base. 

    Let us know if you have any questions. 

    Best regards,



Please sign in to leave a comment.