Profiling Whonix
I downloaded Whonix version 15, in which two virtual machines work together to detect activity in a clever way.
We reproduce our experiment using TLS 1.3. Remember that we have been visiting the Web site enabled.tls13.com, first without encryption, then with...
In part 1, I showed how Corelight would produce logs for a clear-text HTTP session. In part 2, I perform the same transaction using TLS 1.2.
CVE-2019-0708 is a serious vulnerability awaiting exploitation. Learn how to use Corelight and Zeek logs to mitigate RDS/RDP vulnerabilities.
Last week, a candidate for a role at Corelight explained his motivation for joining the company: “the world is standardizing on Zeek.” Here's why...
In this post I will use Zeek logs to demonstrate alternative ways to analyze encrypted HTTP traffic.