How do you know?
Can you be sure attackers aren’t hiding in your encrypted traffic? It’s a fundamental question in enterprise security. Why? Imagine these two shops.
The CrowdStrike + Corelight partnership lets customers incorporate threat intelligence into Corelight Sensors to generate alerts and network evidence.
The past few weeks have seen several developments around Community ID and support for Wireshark. I’d like to summarize them in this blog post.
This post contains a warning and a solution for anyone using BPF syntax when filtering traffic for network security monitoring.
Corelight recently teamed up with SOC Prime, creators of advanced cyber analytics platforms, to add support for the entire Zeek data set into Sigma.
We are proud to announce that in our v19 software release we have delivered a sensor that combines and integrates Zeek and Suricata with three key...
Find a technical description of the bug, how it can be detected in network traffic, and how a short Zeek script can detect vulnerable servers.
By allowing the attacker to essentially force a connection to an arbitrary URL, CallStranger can be used in these three key ways.
Whether you’re a footsoldier or a tier-one analyst, a commanding view helps you outsmart and outlast adversaries. With Corelight, you can hold the...