Bright Ideas Blog

Ssl

Explore Corelight evidence in Humio Community Edition

Now available: A free and easy way to learn about Humio and Corelight. Read more »

Application Layer Infrastructure Visibility in IaaS

The migration to cloud provides faster time to deployment and elasticity, but often at some cost and complexity to infrastructure control and visibility.  A concrete example we can use is a deployment of web servers with rational security group... Read more »

Small, fast and easy. Pick any three.

Small, fast and easy. Pick any three.

Zeek has been the darling of security defenders looking to get deep visibility into network traffic. Over the last two decades, Zeek has become a household name – widely used by enterprise organizations, educational institutions and government... Read more »

Profiling Whonix

Introduction This week I read a story announcing that the latest edition of Whonix had been released. I had heard of Whonix, but had never tried it. I knew it was a Linux distribution that tried to make it as easy and safe as possible to anonymize... Read more »

Bring Network Security Monitoring to the cloud with Corelight and Amazon VPC Traffic Mirroring

Corelight Sensors transform network traffic into comprehensive logs, extracted files, and custom insights via Zeek, a powerful, open-source network security monitoring framework used by thousands of organizations worldwide to accelerate incident... Read more »

Investigating the effects of TLS 1.3 on Corelight logs, part 2

Introduction Welcome to part 2 of my three-part series on TLS. In the previous article I briefly introduced TLS, and showed how Corelight would produce logs for a clear-text HTTP session. In this article I will perform the same transaction using TLS... Read more »

The last BroCon. It’ll be Zeek in 2019!

I’m back in San Francisco after the last ever BroCon! Why the last BroCon? Because the Bro Leadership Team has announced a new name for the project. After two years of discussion, no shortage of suggestions, and a final shortlist going through legal... Read more »

There’s more to Bro than great network data

Corelight recently released our 1.15 software update which includes some fantastic new features, including our first group of curated Bro Packages which we’re calling the “Core Collection.”  In this blog post, I’ll tell you a bit more about how... Read more »

Corelight’s recent contributions to open-source Bro

When we founded Corelight in 2013, one of our goals was to build an organization that could sustain open-source Bro development long term. At that time, the core team behind Bro was still funded primarily through grants from the National Science... Read more »

How we decide what Bro capabilities to include in our Sensor

We started Corelight to bring the power of Bro network monitoring to an audience that is interested in security, stability, and long-term sustainability. Even though we created and built Bro over the last 20 years, when we developed our commercial... Read more »

Search

    Recent Posts