Network and security devices operate with vulnerabilities that can be exploited. Here's how to use Corelight to monitor and identify exploited VPNs.
The major web browsers announced their intent to disable support for TLS 1.0 and TLS 1.1 in 2020. What does this mean, and what are the consequences?
This true story illustrates how Corelight could have assisted with the realization that activity is not suspicious or malicious, but is in fact...
Here are the three most important decisions Gary Reiner, former CIO of General Electric, made with respect to the success of GE-CIRT.
While I have used log collection and SIEM platforms to review Zeek transaction logs, it is not necessary to wait for a SIEM before collecting...
Discover what the terms detection, inference, and identification mean, and how they can help you when investigating activity in your environment.
I downloaded Whonix version 15, in which two virtual machines work together to detect activity in a clever way.
Announcing the Corelight Cloud Sensor, deployable in AWS and capable of ingesting traffic directly from the new Amazon VPC traffic mirroring feature.
Corelight just released our v17 software. Here are the details about how these new features can enhance your data, speed up your IR workflow, and...