
Product

How Bro logs gave one company better DNS traffic visibility than their DNS servers

Bro provides enriched network visibility for top organizations around the world, and there are many use cases for Bro logs. The security field uses Bro data for incident response and cyber threat hunting. But Bro log use cases don’t always have to...

Another cool thing about Bro: SMB analysis!

If you’re reading this blog, you probably know that Bro can uncover indicators of compromise and discover adversary lateral movement by monitoring east-west traffic within the enterprise. But you may not know about one of the best sources of data...

How we decide what Bro capabilities to include in our Sensor

We started Corelight to bring the power of Bro network monitoring to an audience that is interested in security, stability, and long-term sustainability. Even though we created and built Bro over the last 20 years, when we developed our commercial...

Joining a New Company Selling 20 year-old Software

I’ve enjoyed meeting many companies and leaders in the Bay Area over the past few months. The best surprise I had in doing so was with Corelight (where I recently joined as their chief product officer). Despite many years in security, when they...

Runtime Options: the Bro Configuration Framework

If you are familiar with Bro scripts you have probably encountered redefs, which allow you to change a number of Bro settings. One commonly used redef is Site::local_nets, which lists the networks that Bro considers local.

Finding Very Damaging Needles in Very Large Haystacks

Some of the most costly security compromises that enterprises suffer manifest as tiny trickles of behavior hidden within an ocean of other site activity. Finding such incidents, and unraveling their full scope once detected, requires far-ranging...

Another cool thing about Bro: tracking files!

You probably know that Bro generates real-time data about network flows, highly valued by threat hunters & incident responders around the world. But Bro can do a lot more, and in this blog series, we’ll highlight lesser-known features from time to...

Securing the Corelight Sensor

Have you ever considered how security tools can be a source of risk? They process untrusted data 24/7, have access to sensitive flows, and (like everything on the Internet) can be exploited if not patched regularly.