Investigating the effects of TLS 1.3 on Corelight logs, part 1
In this first of three parts, I will introduce TLS and demonstrate a clear-text HTTP session as interpreted by Corelight logs.
CVE-2019-0708 is a serious vulnerability awaiting exploitation. Learn how to use Corelight and Zeek logs to mitigate RDS/RDP vulnerabilities.
Over the last six months, a variety of MSPs were compromised. In this post, I aim to get a better understanding of those incidents.
Learn about the four NSM data types and the four core functions which one can perform with a passive network visibility platform.
Is IPS a feature or a product? I will present my view on the topic, but I’m more interested in hearing what readers think!
In this post I examine the statement's relevance and discuss why implementing NSM via passive instrumentation delivers on the promise of the...
In this post I will use Zeek logs to demonstrate alternative ways to analyze encrypted HTTP traffic.
This post covers a brief history of encryption on the web and investigates the security analysis challenges that have developed as a result.
In this post I will offer a few reasons why network owners have a responsibility to monitor, not just the option to monitor.