Corelight Bright Ideas Blog

Featured

Enhanced anomaly detection and east-west visibility improve evasive threat detection, reduce false positives, and help SOC teams focus on critical...

In this post Corelight Labs reviewed a proof of concept exploit for this vulnerability and wrote a Zeek-based detection for it.

This post shows how a Microsoft NFS exploit (CVE-2022-26937) can be detected using Zeek.

To assist in detecting Zerologon (CVE-2020-1472), we’ve open sourced a Zeek package that detects both attempted and successful exploits.

On 1-14-2020, the world learned of the vulnerability CVE-2020-0601. This post is about how leveraging the power of the Zeek community can benefit...

Have questions?