The CrowdStrike + Corelight partnership lets customers incorporate threat intelligence into Corelight Sensors to generate alerts and network evidence.
Sigma is an open-source project that provides a generic signature format for SIEMs. Here are the benefits of Sigma, and how to get these threat...
Open source Zeek is capable of analyzing RDP connections and does a fantastic job handling the many options and configurations the RDP protocol...
Corelight’s support for Google Cloud environments turns packet-mirrored traffic into comprehensive logs, extracted files, and custom insights via...
The SSH Inference package installs on sensors with a few clicks and provides network traffic analysis (NTA) inferences on live SSH traffic.
I’m seven months into a new job here at Corelight as a product manager, and I’m still as excited about Zeek as I was last month about Zeek Week....
Corelight just released our v17 software. Here are the details about how these new features can enhance your data, speed up your IR workflow, and...
Last week, a candidate for a role at Corelight explained his motivation for joining the company: “the world is standardizing on Zeek.” Here's why...