We reproduce our experiment using TLS 1.3. Remember that we have been visiting the Web site enabled.tls13.com, first without encryption, then with...
In part 1, I showed how Corelight would produce logs for a clear-text HTTP session. In part 2, I perform the same transaction using TLS 1.2.
In this first of three parts, I will introduce TLS and demonstrate a clear-text HTTP session as interpreted by Corelight logs.
CVE-2019-0708 is a serious vulnerability awaiting exploitation. Learn how to use Corelight and Zeek logs to mitigate RDS/RDP vulnerabilities.
Over the last six months, a variety of MSPs were compromised. In this post, I aim to get a better understanding of those incidents.
This blog builds on a prior post by discussing why our customers come to us as an enterprise solution to support their Zeek deployments.
This post will outline some methods Zeek employs to provide visibility into SSH connections.
Learn about the four NSM data types and the four core functions which one can perform with a passive network visibility platform.
Last week, a candidate for a role at Corelight explained his motivation for joining the company: “the world is standardizing on Zeek.” Here's why...