We hosted a virtual CTF tournament where hundreds of players raced to solve security challenges using Zeek data in Splunk and Elastic. Here are the...
This post contains a warning and a solution for anyone using BPF syntax when filtering traffic for network security monitoring.
In this post, we’ll explore DNS over TLS (DoT) and DNS over HTTPS (DoH). Before examining DoT and DoH, it’s important to take a quick look at DNS...
We are excited to announce the expansion of our ETC. In this post, I will provide some further details and what the research team is working on next!
Learn about the benefits of Corelight DNS logs, and how Splunk Enterprise Security can reach a new level of functionality through integration with...
Network and security devices operate with vulnerabilities that can be exploited. Here's how to use Corelight to monitor and identify exploited VPNs.
I downloaded Whonix version 15, in which two virtual machines work together to detect activity in a clever way.
Now that our largest customers are approaching hundreds of deployed sensors, our mission is broadening. It has led us to develop Corelight Fleet...
With Corelight’s 1.15 release, we help figure out the host names associated with an IP address in prior network activity. Here's how it works.