START HERE
Why evidence-based security
WHY CORELIGHT
Complete visibility
Next-level analytics
Faster investigation
Expert hunting
TRENDING TOPICS
Encrypted traffic
VERTICALS
Federal
SANS Protects: The Network
Threat hunting guide
OVERVIEW
Open NDR Platform
Analytics & detections
PRODUCTS
Zeek
IDS
Smart PCAP
Investigator
SENSORS
Appliances
Cloud
Software
Virtual
Fleet Manager
View all products
SERVICES
Training
USE CASES
View all
Alerts, meet evidence.
5 Ways Corelight Data Helps Investigators Win
BLOG
Read the latest
EVENTS
Meet with us
DEMOS
Get a demo
Thinking like a Threat Actor: Hunting the Ghost in the Machine
Don't trust. Verify with evidence
ABOUT US
About Corelight
Careers
Leadership
Investors
Newsroom
Apex Awards
CHANNEL PARTNERS
Partner Program
Deal registration
Partner Academy
Become a Partner
NDR for Dummies
The Power of Open-Source Tools for Network Detection and Response
The Evolving Role of NDR
SUPPORT SERVICES
Open a ticket
Account login
Technical bulletins
Report a security vulnerability
WORLD-CLASS SUPPORT
Support overview
Detecting 5 Current APTs without heavy lifting
By Johanna Amann – February 12, 2018
If you are familiar with Bro scripts you have probably encountered redefs, which allow you to change a number of Bro settings. One commonly used redef is Site::local_nets, which lists the networks that Bro considers local. Read more »