By Richard Bejtlich – August 26, 2020
This post contains a warning and a solution for anyone using BPF syntax when filtering traffic for network security monitoring.