By Johanna Amann, Senior Engineer at Corelight If you are familiar with Bro scripts you have probably encountered redefs, which allow you to change a number of Bro settings. One commonly used redef is Site::local_nets, which lists the networks that ... Read more »
Corelight
That’s a Wrap! The Bay Area’s First Open-Source Bro Meetup
By John Gamble, Director of Marketing at Corelight Last Tuesday Corelight hosted the Bay Area’s first meetup for the open-source Bro network security monitor and we saw a great turnout of Bro fanatics and first-timers alike at our San Francisco ... Read more »
Extensibility as a Guiding Principle
By Christian Kreibich, Senior Engineer at Corelight If you’ve ever used Bro, you’ve likely noticed that it’s rather more flexible than other network monitoring solutions. This is not coincidence — it reflects a core principle that has underpinned ... Read more »
Finding Very Damaging Needles in Very Large Haystacks
By Vern Paxson, Chief Scientist at Corelight Some of the most costly security compromises that enterprises suffer manifest as tiny trickles of behavior hidden within an ocean of other site activity. Finding such incidents, and unraveling ... Read more »
Another cool thing about Bro: tracking files!
By Vincent Stoffer, Director of Customer Solutions at Corelight You probably know that Bro generates real-time data about network flows, highly valued by threat hunters & incident responders around the world. But Bro can do a lot ... Read more »