Get Started

          Malware

          Introducing the C2 Collection and RDP inferences

          We’re excited to announce that the Command and Control (C2) Collection is now available with today’s launch of version 21 of the Corelight software. One of the most important ways that defenders can quickly identify and contain a security incident... Read more »

          Pingback: ICMP Tunneling Malware

          Recently, Trustwave reported on a new malware family which they discovered during a breach investigation. The backdoor, dubbed Pingback, executes on Windows systems and communicates with its controller via ICMP messages. ICMP (Internet Control... Read more »

          DNS over TLS and DNS over HTTPS

          In this post, we’ll explore DNS over TLS (DoT) and DNS over HTTPS (DoH).  Read more »

          What’s the riskiest part of your Bro deployment? It may be you.

          Don’t overlook the obvious: the answer may be you Let me explain, because I’ve watched the following story unfold many times.  A curious person gets super excited about Bro, deploys it widely in their organization, and makes a big impact on the... Read more »

          Search

            Recent Posts