Here's a simple prototype script which identifies CVE-2019-19521 within SSH connections.
Version 18 of our software features the Encrypted Traffic Collection which focuses on SSH, SSL/TLS certificates and insights into encrypted network...
Here's how the new Corelight app for Splunk makes network-based threat hunting easier.
The SSH Inference package installs on sensors with a few clicks and provides network traffic analysis (NTA) inferences on live SSH traffic.
I’m seven months into a new job here at Corelight as a product manager, and I’m still as excited about Zeek as I was last month about Zeek Week....
This post will discuss four dimensions of not having network taps in place and offer advice on making the best of available visibility options.
Network and security devices operate with vulnerabilities that can be exploited. Here's how to use Corelight to monitor and identify exploited VPNs.
The major web browsers announced their intent to disable support for TLS 1.0 and TLS 1.1 in 2020. What does this mean, and what are the consequences?
This true story illustrates how Corelight could have assisted with the realization that activity is not suspicious or malicious, but is in fact...