A Network Engineer in a Zeek Week World

By Sarah Banks, Senior Director of Product Management, Corelight

With almost two decades of networking experience, I recently made my first foray into a security-centric user conference at Zeek Week, an annual conference for the user community of the open source network security monitoring platform known as Zeek (formerly Bro) held last month in Seattle. […]

No Tap? No Problem!

By Richard Bejtlich, Principal Security Strategist, Corelight

Recently a fan of network security monitoring (NSM) asked me for advice on his current instrumentation situation. He said his organization was new to NSM and was interested in pursuing solutions with Corelight. However, the company did not have any network taps in place. He wanted to know […]

Bring Network Security Monitoring to the Cloud with Corelight and Amazon VPC Traffic Mirroring

John Gamble, Director of Product Marketing, Corelight

Corelight Sensors transform network traffic into comprehensive logs, extracted files, and custom insights via Zeek, a powerful, open-source network security monitoring framework used by thousands of organizations worldwide to accelerate incident response and unlock new threat hunting capabilities. While the sensors we’ve released to date have supported physical […]

Hello, My Name Is ??

Vincent Stoffer, Senior Director, Product Management, Corelight

Corelight just released our v17 software release and it’s packed with a number of cool new features including the Input Framework, Community ID, and MITRE’s BZAR collection of detections for lateral movement. Let me share a few details about how these new features can enhance your data, speed […]

The Elephant in the SIEM War Room

By Brian Dye, Chief Product Officer, Corelight

Last week’s RSA announcements included a pair of new entrants into the SIEM space, Google Chronicle’s Backstory and Microsoft’s Azure Sentinel. While the entry of larger players into the SIEM space is an eyebrow-raiser on its own, in conjunction with the existing competitive fray it is pretty amazing. The good […]

Astronomers and Chemists

By Brian Dye, Chief Product Officer, Corelight

Scale is a great word, because its meaning is truly in the eye of the beholder. To an astronomer, it might mean millions of light years. To a chemist, nanometers. In the network security monitoring (NSM) world, Corelight is enabling scale in two different senses of the word: management […]

Twenty years of network security monitoring: from the AFCERT to Corelight

By Richard Bejtlich, Principal Security Strategist, Corelight

I am really fired up to join Corelight. I’ve had to keep my involvement with the team a secret since officially starting on July 20th. Why was I so excited about this company? Let me step backwards to help explain my present situation, and forecast the future. Twenty […]

There’s more to Bro than great network data

By Vincent Stoffer, Senior Director of Product Management, Corelight

Corelight recently released our 1.15 software update which includes some fantastic new features, including our first group of curated Bro Packages which we’re calling the “Core Collection.” In this blog post, I’ll tell you a bit more about how Corelight is making it easier to detect threats […]

Databricks + Corelight – A powerful combination for cybersecurity, incident response and threat hunting

By Alan Saldich, CMO, Corelight and Brian Dirking, Sr. Director Partner Marketing, Databricks

Incident response, threat hunting and cybersecurity in general rely on great data. Just like the rest of the world where virtually everything these days is data-driven, from self-driving cars to personalized medicine, effective security strategies also need to be data-driven. Whatever security […]

How Bro logs gave one company better DNS traffic visibility than their DNS servers

By Howard Samuels, Director of Sales Engineering at Corelight

Bro provides enriched network visibility for top organizations around the world, and there are many use cases for Bro logs. The security field uses Bro data for incident response and cyber threat hunting. But Bro log use cases don’t always have to involve finding bad actors, […]