We hosted a virtual CTF tournament where hundreds of players raced to solve security challenges using Zeek data in Splunk and Elastic. Here are the...
I love this quote by John Lambert. It perfectly describes the impact network defenders can achieve by pooling resources, insights, and techniques.
We are proud to announce that in our v19 software release we have delivered a sensor that combines and integrates Zeek and Suricata with three key...
Find a technical description of the bug, how it can be detected in network traffic, and how a short Zeek script can detect vulnerable servers.
I downloaded Whonix version 15, in which two virtual machines work together to detect activity in a clever way.
Over the last six months, a variety of MSPs were compromised. In this post, I aim to get a better understanding of those incidents.
Learn about the four NSM data types and the four core functions which one can perform with a passive network visibility platform.
Last week, a candidate for a role at Corelight explained his motivation for joining the company: “the world is standardizing on Zeek.” Here's why...
In this post I examine the statement's relevance and discuss why implementing NSM via passive instrumentation delivers on the promise of the...