Corelight Bright Ideas Blog

Featured

Enhanced anomaly detection and east-west visibility improve evasive threat detection, reduce false positives, and help SOC teams focus on critical...

In this first of three parts, I will introduce TLS and demonstrate a clear-text HTTP session as interpreted by Corelight logs.

CVE-2019-0708 is a serious vulnerability awaiting exploitation. Learn how to use Corelight and Zeek logs to mitigate RDS/RDP vulnerabilities.

In this post I will use Zeek logs to demonstrate alternative ways to analyze encrypted HTTP traffic.

With Corelight’s 1.15 release, we help figure out the host names associated with an IP address in prior network activity. Here's how it works.

I want to take the opportunity here to talk about a few of our more recent contributions to open-source Zeek (formerly Bro).

Here's why the riskiest part of your Zeek deployment could be you... and how Corelight has got you covered.

< 1 2 >

Have questions?