network traffic analysis
Black Hat NOC: Findings from Europe & thoughts for Asia 2024
See how we used Corelight's Open NDR platform to take an evidence-based security approach at Blackhat Europe 2023.
Corelight Bright Ideas Blog
This is the Custom Rich Text module
Feel free to edit this text to reflect your unique voice and message. Tell visitors what you do, why you do it, and what sets you apart.
- All
- Zeek
- Network Security Monitoring
- network security
- featured
- NDR
- network detection response
- Corelight
- cybersecurity
- network traffic analysis
- network visibility
- Bro
- SOC
- Corelight Labs
- Richard Bejtlich
- Product
- SIEM
- open source
- Announcements
- threat hunting
- BlackHat
- Industry
- Suricata
- Splunk
- DNS
- PCAP
- TLS
- open source community
- Corelight Sensor
- NSM
- Partnership
- HTTP
- MITRE ATT&CK
- GitHub
- Incident response
- network evidence
- Zeek Logs
- encrypted traffic
- SSH
- microsoft
- encrypted traffic collection
- JSON
- Detection
- IDS
- NOC
- command and control
- encryption
- ja3
- AWS
- HTTPS
- SSL
network traffic analysis
Detections and Findings using Corelight in the Black Hat Asia NOC
Learn about detections and findings from the network operations center (NOC) at Black Hat Asia 2023.
Dustin Lee
Aug 4, 2023
Zeek
Key takeaways from RSA 2023: #BetterTogether and AI in security
Whether or not you made it to RSA 2023, check out this blog to learn about key themes from this year’s conference.
Ed Smith
May 8, 2023
Zeek
New Sliver C2 Detection Released - Redteam detected
Corelight announces the release of a new detection package “Sliver”, which identifies and raises alerts related to the Sliver C2 framework.
Corelight Labs Team
May 4, 2023
Zeek
Detecting CVE-2022-30216: Windows Server Service Tampering
Corelight Labs reviewed a POC exploit for CVE-2022-30216 and wrote a Zeek-based detection and released the package on GitHub.
Tillson Galloway
Aug 9, 2022
Federal
Corelight accelerates OMB logging adoption
If you missed the Office of Management and Budget memo M-21-31, let me provide you the information that you need to know if you are in the federal...
Jean Schaffer
Oct 7, 2021
Zeek
Telegram Zeek, you’re my main notice
I’ve created and released a Zeek package, zeek-notice-telegram. I’ll walk you through a simple example so you can write your own action.
Yacin Nadji
Jul 29, 2021
Zeek
Detecting CVE-2021-31166 – HTTP vulnerability
In this blog we aim to provide a little insight into part of the lifecycle of Corelight Lab’s response to a critical HTTP vulnerability.
Ben Reardon
May 27, 2021
Zeek
What the Cyber EO means for federal agencies
By Jean Schaffer, Federal CTO, Corelight For those of us who have spent our careers working in cybersecurity, President Biden’s recent “Executive...
Jean Schaffer
May 26, 2021
Zeek
What the Cyber EO means for federal agencies
I highlight sections of the EO that federal agencies should study closely and offer my thoughts, drawing from more than 30 years of cybersecurity...
Jean Schaffer
May 25, 2021