• Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Logo
  • About
  • Bulletins
  • Corelight.com
  • Contact us

Bright Ideas Blog

Bright Ideas Blog

Bright Ideas Blog

Corelight

Runtime Options: the Bro Configuration Framework

February 13, 2018 by Johanna Amann

By Johanna Amann, Senior Engineer at Corelight If you are familiar with Bro scripts you have probably encountered redefs, which allow you to change a number of Bro settings. One commonly used redef is Site::local_nets, which lists the networks that ... Read more »

That’s a Wrap! The Bay Area’s First Open-Source Bro Meetup

January 18, 2018 by John Gamble

By John Gamble, Director of Marketing at Corelight Last Tuesday Corelight hosted the Bay Area’s first meetup for the open-source Bro network security monitor and we saw a great turnout of Bro fanatics and first-timers alike at our San Francisco ... Read more »

Extensibility as a Guiding Principle

December 6, 2017 by Christian Kreibich

By Christian Kreibich, Senior Engineer at Corelight If you’ve ever used Bro, you’ve likely noticed that it’s rather more flexible than other network monitoring solutions. This is not coincidence — it reflects a core principle that has underpinned ... Read more »

Finding Very Damaging Needles in Very Large Haystacks

September 26, 2017 by Vern Paxson

By Vern Paxson, Chief Scientist at Corelight Some of the most costly security compromises that enterprises suffer manifest as tiny trickles of behavior hidden within an ocean of other site activity.  Finding such incidents, and unraveling ... Read more »

Another cool thing about Bro: tracking files!

September 15, 2017 by Vince Stoffer

By Vincent Stoffer, Director of  Customer Solutions at Corelight You probably know that Bro generates real-time data about network flows, highly valued by threat hunters & incident responders around the world.  But Bro can do a lot ... Read more »

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 4
  • Go to page 5
  • Go to page 6
  • Go to page 7
  • Go to Next Page »

Primary Sidebar

Search

Recent Posts

  • Extending NDR visibility in AWS IaaS
  • Maximize your Splunk ES investment with Corelight
  • Exchange exploitation and architecting for visibility
  • Translating query into action
  • Getting the most out of your NIDS

Categories

Archives

Tags

Bro conn.log Corelight Corelight Sensor cybersecurity DNS Elastic encrypted traffic encryption files.log GitHub HTTP HTTPS IDS incident response ja3 ja3s JSON logs MITRE ATT&CK NDR network security Network Security Monitoring network traffic analysis network visibility NSM NTA open source open source community PCAP Richard Bejtlich SANS SIEM Sigma SOC Splunk SSH SSL ssl.log Suricata TCP TLS TLS 1.3 Vern Paxson Zeek

Footer

Use Cases

  • Our Use Cases
  • MITRE ATT&CK
  • Government
  • Enterprise
  • Higher Education
  • Why Corelight

Products

  • Zeek
  • Suricata
  • Collections
  • Appliance Sensors
  • Cloud Sensors
  • Software Sensor
  • Virtual Sensors
  • Fleet Manager
  • Compare to open Source Zeek

Company

  • About Corelight
  • Awards
  • Careers
  • Events
  • News Coverage
  • Media Kit

Resources

  • Support Overview
  • Open A Support Ticket
  • Product Training
  • Case Studies
  • Video
  • Github
  • Scripts + Packages
  • Zeek Community

Follow us

  • facebook
  • twitter
  • linkedin
  • github
  • reddit
  • youtube

Copyright © 2021 · Corelight, Inc. · All rights reserved. · Privacy Policy · Terms of Use