Today we are open sourcing a Zeek package that passively detects the presence of some of the tell-tale signs that Treck devices can exhibit.
I’m pleased to announce that Corelight sensors now support the Elastic Common Schema (ECS) via our Corelight ECS Mapping.
On 1-14-2020, the world learned of the vulnerability CVE-2020-0601. This post is about how leveraging the power of the Zeek community can benefit...
This true story illustrates how Corelight could have assisted with the realization that activity is not suspicious or malicious, but is in fact...
This post will outline some methods Zeek employs to provide visibility into SSH connections.
I want to take the opportunity here to talk about a few of our more recent contributions to open-source Zeek (formerly Bro).
The Corelight for Splunk app is now available! Using the new app you can now monitor the health and performance of Corelight Sensors in Splunk and...