Corelight Bright Ideas Blog

This is the Custom Rich Text module

Feel free to edit this text to reflect your unique voice and message. Tell visitors what you do, why you do it, and what sets you apart.

Zeek

This package runs on Corelight Sensors and provides network traffic analysis (NTA) inferences on live RDP traffic.

Anthony Kasza May 20, 2021

Zeek

Open source Zeek is capable of analyzing RDP connections and does a fantastic job handling the many options and configurations the RDP protocol...

Anthony Kasza May 13, 2020

Zeek

Here's a simple prototype script which identifies CVE-2019-19521 within SSH connections.

Anthony Kasza Dec 6, 2019

Corelight Labs

The SSH Inference package installs on sensors with a few clicks and provides network traffic analysis (NTA) inferences on live SSH traffic.

Anthony Kasza Nov 19, 2019

Zeek

This post will outline some methods Zeek employs to provide visibility into SSH connections.

Anthony Kasza May 7, 2019