By Anthony Kasza, Security Researcher, Corelight Labs Corelight has recently released a new package, focusing on SSH inferences, as part of our Encrypted Traffic Collection. The package installs on sensors with a few clicks and provides network traffic analysis (NTA) inferences on live SSH traffic. Which SSH connections transferred files? Which SSH connections transferred keystrokes? […]
Tag Archives: MITRE ATT&CK
A Network Engineer in a Zeek Week World
By Sarah Banks, Senior Director of Product Management, Corelight With almost two decades of networking experience, I recently made my first foray into a security-centric user conference at Zeek Week, an annual conference for the user community of the open source network security monitoring platform known as Zeek (formerly Bro) held last month in Seattle. […]
Hello, My Name Is ??
Vincent Stoffer, Senior Director, Product Management, Corelight Corelight just released our v17 software release and it’s packed with a number of cool new features including the Input Framework, Community ID, and MITRE’s BZAR collection of detections for lateral movement. Let me share a few details about how these new features can enhance your data, speed […]
Zeek is much more than a data format
By Greg Bell, CEO at Corelight Last week, a candidate for a senior role at Corelight explained his motivation for joining the company this way: “the world is standardizing on Zeek.” And it’s true. The Zeek network security monitoring platform, created by leading researcher and Corelight co-founder Vern Paxson, is having its moment. Thousands of organizations worldwide […]