Zeek
Investigating the effects of TLS 1.3 on Corelight logs, part 2
In part 1, I showed how Corelight would produce logs for a clear-text HTTP session. In part 2, I perform the same transaction using TLS 1.2.
Featured
How to React(.js) to React2Shell and detecting behaviors to catch the Next(.js) big RCE
Ground your defense against React2Shell in verifiable network evidence. Deploy high-fidelity Suricata detections to spot unauthenticated remote code...