Community ID support for Wireshark
The past few weeks have seen several developments around Community ID and support for Wireshark. I’d like to summarize them in this blog post.
This post contains a warning and a solution for anyone using BPF syntax when filtering traffic for network security monitoring.
Corelight recently teamed up with SOC Prime, creators of advanced cyber analytics platforms, to add support for the entire Zeek data set into Sigma.
We are proud to announce that in our v19 software release we have delivered a sensor that combines and integrates Zeek and Suricata with three key...
Find a technical description of the bug, how it can be detected in network traffic, and how a short Zeek script can detect vulnerable servers.
By allowing the attacker to essentially force a connection to an arbitrary URL, CallStranger can be used in these three key ways.
Whether you’re a footsoldier or a tier-one analyst, a commanding view helps you outsmart and outlast adversaries. With Corelight, you can hold the...
I’m pleased to announce that Corelight sensors now support the Elastic Common Schema (ECS) via our Corelight ECS Mapping.
Here's how the new Corelight app for Splunk makes network-based threat hunting easier.