Ripple20 Zeek package open sourced
Today we are open sourcing a Zeek package that passively detects the presence of some of the tell-tale signs that Treck devices can exhibit.
Corelight recently teamed up with SOC Prime, creators of advanced cyber analytics platforms, to add support for the entire Zeek data set into Sigma.
In this post, we’ll explore DNS over TLS (DoT) and DNS over HTTPS (DoH). Before examining DoT and DoH, it’s important to take a quick look at DNS...
We are proud to announce that in our v19 software release we have delivered a sensor that combines and integrates Zeek and Suricata with three key...
We are excited to announce the expansion of our ETC. In this post, I will provide some further details and what the research team is working on next!
Find a technical description of the bug, how it can be detected in network traffic, and how a short Zeek script can detect vulnerable servers.
By allowing the attacker to essentially force a connection to an arbitrary URL, CallStranger can be used in these three key ways.
Open source Zeek is capable of analyzing RDP connections and does a fantastic job handling the many options and configurations the RDP protocol...
Richard shared his thoughts on our blog on why the overarching role of the network and election infrastructure is worthy of a deep assessment right...