Corelight Bright Ideas Blog

Featured

Enhanced anomaly detection and east-west visibility improve evasive threat detection, reduce false positives, and help SOC teams focus on critical...

In this post, we’ll explore DNS over TLS (DoT) and DNS over HTTPS (DoH). Before examining DoT and DoH, it’s important to take a quick look at DNS...

Find a technical description of the bug, how it can be detected in network traffic, and how a short Zeek script can detect vulnerable servers.

We reproduce our experiment using TLS 1.3. Remember that we have been visiting the Web site enabled.tls13.com, first without encryption, then with...

In part 1, I showed how Corelight would produce logs for a clear-text HTTP session. In part 2, I perform the same transaction using TLS 1.2.

In this first of three parts, I will introduce TLS and demonstrate a clear-text HTTP session as interpreted by Corelight logs.

Have questions?