There’s more to Bro than great network data
In this blog post, find out how Corelight is making it easier to detect threats on your network and providing even better data to respond to them.
Here's why Databricks plus Corelight is a powerful combination for cybersecurity, incident response and threat hunting.
Discover how Zeek (formerly Bro) logs gave one company better DNS traffic visibility than their DNS servers.
Bro’s SMB protocol analyzer has undergone several iterations, and it is now a built-in feature that many Bro users might have overlooked.
When we developed our commercial product we made some design decisions that make running the Corelight Sensor slightly different from running...
I’ve enjoyed meeting many companies and leaders in the Bay Area. The best was with Corelight (where I recently joined as their chief product officer).
Redefs allow the re-definition of already defined constants in Bro. This is often done in local.bro. To modify Site::local_net, use code similar to...
In previous projects, I’ve tackled some needle-in-haystack problems. From these efforts, several high-level themes have emerged.
Zeek (formerly Bro) generates real-time data about network flows. But it can do a lot more, and in this blog series, we’ll highlight lesser-known...