• Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Logo
  • About
  • Bulletins
  • Corelight.com
  • Contact us

Bright Ideas Blog

Bright Ideas Blog

Bright Ideas Blog

Corelight Sensor

Log enrichment with DNS host names

October 25, 2018 by Christian Kreibich

By Christian Kreibich, Senior Engineer, Corelight One of the first tasks for any incident responder when looking at network logs is to figure out the host names that were associated with an IP address in prior network activity. With Corelight’s 1.15 ... Read more »

Network security monitoring vs supply chain backdoors

October 4, 2018 by Richard Bejtlich

By Richard Bejtlich, Principal Security Strategist, Corelight On October 4, 2018, Bloomberg published a story titled “The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies,” with a subtitle “The attack by Chinese spies reached almost ... Read more »

How Bro logs gave one company better DNS traffic visibility than their DNS servers

June 11, 2018 by Howard Samuels

By Howard Samuels, Director of Sales Engineering at Corelight Bro provides enriched network visibility for top organizations around the world, and there are many use cases for Bro logs.   The security field uses Bro data for incident ... Read more »

How we decide what Bro capabilities to include in our Sensor

April 5, 2018 by Seth Hall

By Seth Hall, Co-Founder & Chief Evangelist at Corelight We started Corelight to bring the power of Bro network monitoring to an audience that is interested in security, stability, and long-term sustainability. Even though we created and built ... Read more »

Announcing The New Corelight for Splunk App

March 29, 2018 by Corelight

We’re proud to announce the Corelight for Splunk app is available!  Using the new app (and its associated Technology Add-on (TA)), you can now monitor the health and performance of Corelight Sensors in Splunk and explore the rich data Bro ... Read more »

  • « Go to Previous Page
  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Go to page 4
  • Go to Next Page »

Primary Sidebar

Search

Recent Posts

  • Detecting SUNBURST/Solarigate activity in retrospect with Zeek – a practical example
  • Finding SUNBURST backdoor with Zeek logs & Corelight
  • Introducing the Cloud Sensor for GCP
  • Who’s your fridge talking to at night?
  • Small, fast and easy. Pick any three.

Categories

Archives

Tags

Bro conn.log Corelight Corelight Sensor cybersecurity DNS Elastic encrypted traffic encryption files.log GitHub HTTP HTTPS incident response ja3 ja3s JSON Linux logs MITRE ATT&CK NDR network security Network Security Monitoring network traffic analysis network visibility NSM NTA open source open source community PCAP Richard Bejtlich SANS SIEM SMTP SOC Splunk SSH SSL ssl.log Suricata TCP TLS TLS 1.3 Vern Paxson Zeek

Footer

Use Cases

  • Our Use Cases
  • MITRE ATT&CK
  • Government
  • Enterprise
  • Higher Education
  • Why Corelight

Products

  • Zeek
  • Suricata
  • Collections
  • Appliance Sensors
  • Cloud Sensors
  • Software Sensor
  • Virtual Sensors
  • Fleet Manager
  • Compare to open Source Zeek

Company

  • About Corelight
  • Awards
  • Careers
  • Events
  • News Coverage
  • Media Kit

Resources

  • Support Overview
  • Open A Support Ticket
  • Product Training
  • Case Studies
  • Video
  • Github
  • Scripts + Packages
  • Zeek Community

Follow us

  • facebook
  • twitter
  • linkedin
  • github
  • reddit
  • youtube

Copyright © 2021 · Corelight, Inc. · All rights reserved. · Privacy Policy · Terms of Use