Corelight Bright Ideas Blog

Archives for Sep 2017

Finding Very Damaging Needles in Very Large Haystacks

Some of the most costly security compromises that enterprises suffer manifest as tiny trickles of behavior hidden within an ocean of other site activity.  Finding such incidents, and unraveling their full scope once detected, requires far-ranging... Read more »

Another cool thing about Bro: tracking files!

You probably know that Bro generates real-time data about network flows, highly valued by threat hunters & incident responders around the world.  But Bro can do a lot more, and in this blog series, we’ll highlight lesser-known features from time to... Read more »

Securing the Corelight Sensor

Have you ever considered how security tools can be a source of risk? They process untrusted data 24/7, have access to sensitive flows, and (like everything on the Internet) can be exploited if not patched regularly.   Read more »

Search

    Recent Posts