Featured What the Black Hat NOC taught me about MCP & agentic SOCs (Chapter 2 of 4) Discover what defending the Black Hat NOC taught me about using Model Context Protocol (MCP) to build an agentic SOC and accelerate threat hunting. James Pope Jul 8, 2026
Zeek Community ID support for Wireshark The past few weeks have seen several developments around Community ID and support for Wireshark. I’d like to summarize them in this blog post. Christian Kreibich Oct 7, 2020
Zeek Log enrichment with DNS host names With Corelight’s 1.15 release, we help figure out the host names associated with an IP address in prior network activity. Here's how it works. Christian Kreibich Oct 25, 2018
Zeek Extensibility as a Guiding Principle To us, extensibility is not an afterthought that we try to tuck on in a few release cycles. It permeates the way we think about network monitoring. Christian Kreibich Dec 6, 2017