Learn how Zeek’s metadata approach can help focus patching efforts for the SSH “Terrapin” attack.
Here are my learnings from participating in NOCs at Black Hat Asia and Black Hat Las Vegas in 2023.
In this article we'll share some useful guidance for writing a real-world Zeek package in JavaScript or TypeScript.
Learn how the kill web concept can be applied to cybersecurity, and how it addresses some of the concerns with the kill chain.
I ran into a sample of the Gozi banking malware in the wild. This is how I developed an open source detection package to find it with Zeek.
We're excited to announce the launch of our ICS/OT Collection to help extend foundational visibility.
Whether or not you made it to RSA 2023, check out this blog to learn about key themes from this year’s conference.
Corelight announces the release of a new detection package “Sliver”, which identifies and raises alerts related to the Sliver C2 framework.
A recap of the open-source work since the beginning of the Zeek collaboration with Microsoft. Originally posted on Zeek.org on Nov. 28, 2022.