Corelight recognized as a leader in the 2025 Gartner Magic Quadrant™ for network detection and response
Corelight recognized as a leader in the 2025 Gartner Magic Quadrant™ for network detection and response
Feel free to edit this text to reflect your unique voice and message. Tell visitors what you do, why you do it, and what sets you apart.
This blog post explains three levels of analysis and how encryption has affected NSM, demonstrating that NSM remains relevant, despite encryption.
While I have used log collection and SIEM platforms to review Zeek transaction logs, it is not necessary to wait for a SIEM before collecting...
Discover what the terms detection, inference, and identification mean, and how they can help you when investigating activity in your environment.
I downloaded Whonix version 15, in which two virtual machines work together to detect activity in a clever way.
Announcing the Corelight Cloud Sensor, deployable in AWS and capable of ingesting traffic directly from the new Amazon VPC traffic mirroring feature.
We reproduce our experiment using TLS 1.3. Remember that we have been visiting the Web site enabled.tls13.com, first without encryption, then with...
In part 1, I showed how Corelight would produce logs for a clear-text HTTP session. In part 2, I perform the same transaction using TLS 1.2.
In this first of three parts, I will introduce TLS and demonstrate a clear-text HTTP session as interpreted by Corelight logs.
Over the last six months, a variety of MSPs were compromised. In this post, I aim to get a better understanding of those incidents.
Is IPS a feature or a product? I will present my view on the topic, but I’m more interested in hearing what readers think!