RSA 2020 is fast approaching. The speaker sessions seem to be of high quality overall, but here are the 12 talks you should consider attending.
On 1-14-2020, the world learned of the vulnerability CVE-2020-0601. This post is about how leveraging the power of the Zeek community can benefit...
This post will discuss four dimensions of not having network taps in place and offer advice on making the best of available visibility options.
Network and security devices operate with vulnerabilities that can be exploited. Here's how to use Corelight to monitor and identify exploited VPNs.
This true story illustrates how Corelight could have assisted with the realization that activity is not suspicious or malicious, but is in fact...
Here are the three most important decisions Gary Reiner, former CIO of General Electric, made with respect to the success of GE-CIRT.
While I have used log collection and SIEM platforms to review Zeek transaction logs, it is not necessary to wait for a SIEM before collecting...
Discover what the terms detection, inference, and identification mean, and how they can help you when investigating activity in your environment.
I downloaded Whonix version 15, in which two virtual machines work together to detect activity in a clever way.