The 7 sins killing your SOC efficacy (and why NDR is the cure)
Avoid the 7 deadly sins of Network Detection and Response (NDR). Learn why firewall logs, black-box AI, and alert fatigue are killing SOC efficiency.
Learn how Corelight and Zeek streamline financial protocol tracking, improve network security, and simplify compliance.
While I have used log collection and SIEM platforms to review Zeek transaction logs, it is not necessary to wait for a SIEM before collecting...
Announcing the Corelight Cloud Sensor, deployable in AWS and capable of ingesting traffic directly from the new Amazon VPC traffic mirroring feature.
In this first of three parts, I will introduce TLS and demonstrate a clear-text HTTP session as interpreted by Corelight logs.
This blog builds on a prior post by discussing why our customers come to us as an enterprise solution to support their Zeek deployments.
Last week, a candidate for a role at Corelight explained his motivation for joining the company: “the world is standardizing on Zeek.” Here's why...
In this post I will use Zeek logs to demonstrate alternative ways to analyze encrypted HTTP traffic.
Welcome to the first in a regular series of blog posts on network security monitoring (NSM). I look forward to you joining me on this journey.