A recap of the open-source work since the beginning of the Zeek collaboration with Microsoft. Originally posted on Zeek.org on Nov. 28, 2022.
Dr. Kelley Misata shares her thoughts on why she is excited to join Corelight to lead open source and the new opportunities this role will bring.
Learn about the attributes of high-quality evidence. What should evidence look like, in order to be useful to defenders when the next security event...
As we finished rolling out our v21 software release, I was reminded of when I’d first read the 2015 “100G Intrusion Detection” paper written at...
We’d just upgraded our glibc package from 2.32 to 2.33, when we noticed some peculiar behavior. Here's how we tracked down a glibc regression.
To assist in detecting Zerologon (CVE-2020-1472), we’ve open sourced a Zeek package that detects both attempted and successful exploits.
We hosted a virtual CTF tournament where hundreds of players raced to solve security challenges using Zeek data in Splunk and Elastic. Here are the...
I love this quote by John Lambert. It perfectly describes the impact network defenders can achieve by pooling resources, insights, and techniques.
Today we are open sourcing a Zeek package that passively detects the presence of some of the tell-tale signs that Treck devices can exhibit.