Bright Ideas Blog

Skip to main content
Skip to primary sidebar
Skip to footer

Logo
About
Bulletins
Corelight.com
Contact us

Bright Ideas Blog

Bright Ideas Blog

Bright Ideas Blog

Main Content

Featured Post

Detecting SUNBURST/Solarigate activity in retrospect with Zeek – a practical example

December 22, 2020 By Ben Reardon

Ben Reardon - Corelight Labs Researcher The threat actors who created SUNBURST went to extraordinary lengths to hide Command-and-Control (C2) traffic by mimicking the nature of communication patterns used by legitimate software within the SolarWinds package. The contents of the C2 communications are ... Read more »

Additional Posts

Primary Sidebar

Search

Search the site ...

Recent Posts

Detecting SUNBURST/Solarigate activity in retrospect with Zeek – a practical example
Finding SUNBURST backdoor with Zeek logs & Corelight
Introducing the Cloud Sensor for GCP
Who’s your fridge talking to at night?
Small, fast and easy. Pick any three.

Categories

Categories

Archives

Archives

Tags

Bro conn.log Corelight Corelight Sensor cybersecurity DNS Elastic encrypted traffic encryption files.log GitHub HTTP HTTPS incident response ja3 ja3s JSON Linux logs MITRE ATT&CK NDR network security Network Security Monitoring network traffic analysis network visibility NSM NTA open source open source community PCAP Richard Bejtlich SANS SIEM SMTP SOC Splunk SSH SSL ssl.log Suricata TCP TLS TLS 1.3 Vern Paxson Zeek

Footer

Use Cases

Our Use Cases
MITRE ATT&CK
Government
Enterprise
Higher Education
Why Corelight

Products

Zeek
Suricata
Collections
Appliance Sensors
Cloud Sensors
Software Sensor
Virtual Sensors
Fleet Manager
Compare to open Source Zeek

Company

About Corelight
Awards
Careers
Events
News Coverage
Media Kit

Resources

Support Overview
Open A Support Ticket
Product Training
Case Studies
Video
Github
Scripts + Packages
Zeek Community

Follow us

facebook
twitter
linkedin
github
reddit
youtube

Copyright © 2021 · Corelight, Inc. · All rights reserved. · Privacy Policy · Terms of Use