By Ed Smith, Senior Product Marketing Manager, Corelight Want to use Zeek (formerly Bro) network data in Splunk ES, but don’t know how to start or where to look? Need to quickly narrow down Zeek logs from a mountain, to a hill, to a h ... Read more »
DNS
Profiling Whonix
By Richard Bejtlich, Principal Security Strategist, Corelight Introduction This week I read a story announcing that the latest edition of Whonix had been released. I had heard of Whonix, but had never tried it. I knew it was a Linux ... Read more »
Astronomers and Chemists
By Brian Dye, Chief Product Officer, Corelight Scale is a great word, because its meaning is truly in the eye of the beholder. To an astronomer, it might mean millions of light years. To a chemist, nanometers. In the network ... Read more »
Log enrichment with DNS host names
By Christian Kreibich, Senior Engineer, Corelight One of the first tasks for any incident responder when looking at network logs is to figure out the host names that were associated with an IP address in prior network activity. With Corelight’s 1.15 ... Read more »
Databricks + Corelight – A powerful combination for cybersecurity, incident response and threat hunting
By Alan Saldich, CMO, Corelight and Brian Dirking, Sr. Director Partner Marketing, Databricks Incident response, threat hunting and cybersecurity in general relies on great data. Just like the rest of the world where virtually everything these days ... Read more »