Profiling Whonix
I downloaded Whonix version 15, in which two virtual machines work together to detect activity in a clever way.
We reproduce our experiment using TLS 1.3. Remember that we have been visiting the Web site enabled.tls13.com, first without encryption, then with...
In part 1, I showed how Corelight would produce logs for a clear-text HTTP session. In part 2, I perform the same transaction using TLS 1.2.
In this first of three parts, I will introduce TLS and demonstrate a clear-text HTTP session as interpreted by Corelight logs.
CVE-2019-0708 is a serious vulnerability awaiting exploitation. Learn how to use Corelight and Zeek logs to mitigate RDS/RDP vulnerabilities.
This post will outline some methods Zeek employs to provide visibility into SSH connections.
In this post I will use Zeek logs to demonstrate alternative ways to analyze encrypted HTTP traffic.
This post covers a brief history of encryption on the web and investigates the security analysis challenges that have developed as a result.
In this blog post, find out how Corelight is making it easier to detect threats on your network and providing even better data to respond to them.