“There is an open approach that is currently rippling across the infosec industry that could give defenders the acceleration they need.” - John Lambert (Distinguished Engineer, Microsoft)
By Greg Bell, CEO of Corelight
I love this quote. ...
MITRE ATT&CK
Analyzing encrypted RDP connections
By Anthony Kasza, Corelight Security Researcher
Microsoft’s Remote Desktop Protocol (RDP) is used to remotely administer systems within Windows environments. RDP is everywhere Windows is and is useful for conducting remote work. Just like every ...
Finding truth in the cloud: Google Cloud Packet Mirroring and Corelight Network Traffic Analysis
By Vijit Nair, Sr. Director Product Management, Corelight
“Remember, all I’m offering is the truth” - Morpheus, from the movie Matrix (1999)
There is a great scene at the end of Matrix where a fallen Neo resurrects himself and breaks past the ...
Introducing the Corelight SSH Inference package
By Anthony Kasza, Security Researcher, Corelight Labs
Corelight has recently released a new package, focusing on SSH inferences, as part of our Encrypted Traffic Collection. The package installs on sensors with a few clicks and provides network ...
A network engineer in a Zeek Week world
By Sarah Banks, Senior Director of Product Management, Corelight
With almost two decades of networking experience, I recently made my first foray into a security-centric user conference at Zeek Week, an annual conference for the user community of ...