Is IPS a feature or a product?

By Richard Bejtlich, Principal Security Strategist, Corelight This post is a departure from previous editions. It is inspired by discussions I’ve had recently with a few different online and in-person communities. I will present my view on the topic, but I’m more interested in hearing what readers think! I’ve had a few conversations during the […]

Network security monitoring is dead, and encryption killed it.

By Richard Bejtlich, Principal Security Strategist, Corelight This post is part of a multi-part series on encryption and network security monitoring. This post covers a brief history of encryption on the web and investigates the security analysis challenges that have developed as a result. I’ve been hearing this message since the late-2000s, and wrote a […]

Twenty years of network security monitoring: from the AFCERT to Corelight

By Richard Bejtlich, Principal Security Strategist, Corelight I am really fired up to join Corelight. I’ve had to keep my involvement with the team a secret since officially starting on July 20th. Why was I so excited about this company? Let me step backwards to help explain my present situation, and forecast the future. Twenty […]