Corelight recently teamed up with SOC Prime, creators of advanced cyber analytics platforms, to add support for the entire Zeek data set into Sigma.
In this post, we’ll explore DNS over TLS (DoT) and DNS over HTTPS (DoH). Before examining DoT and DoH, it’s important to take a quick look at DNS...
We are proud to announce that in our v19 software release we have delivered a sensor that combines and integrates Zeek and Suricata with three key...
We are excited to announce the expansion of our ETC. In this post, I will provide some further details and what the research team is working on next!
Find a technical description of the bug, how it can be detected in network traffic, and how a short Zeek script can detect vulnerable servers.
By allowing the attacker to essentially force a connection to an arbitrary URL, CallStranger can be used in these three key ways.
Open source Zeek is capable of analyzing RDP connections and does a fantastic job handling the many options and configurations the RDP protocol...
Security teams would benefit from reviewing their NSM data to ensure that only authorized parties are interacting with their remote work...
Whether you’re a footsoldier or a tier-one analyst, a commanding view helps you outsmart and outlast adversaries. With Corelight, you can hold the...