• Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Logo
  • About
  • Bulletins
  • Corelight.com
  • Contact us

Bright Ideas Blog

Bright Ideas Blog

Bright Ideas Blog

Network Security Monitoring

Detecting GnuTLS CVE-2020-13777 using Zeek

June 11, 2020 by Johanna Amann

By Johanna Amann, Software Engineer, Corelight CVE-2020-13777 is a high severity issue in GnuTLS. In a nutshell, GnuTLS versions between 3.6.4 (released 2018-09-24) and 3.6.14 (2020-06-03) have a serious bug in their session resumption code, which ... Read more »

The election is six months away. Now is the time to instrument election infrastructure.

May 7, 2020 by Richard Bejtlich

Editor's Note: Richard recently shared his thoughts on our blog which are now included in an article contributed to StateTech on why the overarching role of the network and election infrastructure is worthy of a deep assessment right now. ... Read more »

Enabling SOHO Network Security Monitoring

April 8, 2020 by Richard Bejtlich

By Richard Bejtlich, Principal Security Strategist, Corelight  One of the most popular and regularly occurring questions I see in network security monitoring forums involves how to instrument a small office - home office (SOHO) environment. ... Read more »

Watch over DNS traffic with Corelight and Splunk

April 1, 2020 by Roger Cheeks

By Roger Cheeks, Solutions Engineer, Corelight Corelight sensors put your organization in the best position to watch over DNS traffic with a rich, powerful Network Traffic Analysis (NTA) data set. This article highlights the benefits of Corelight ... Read more »

Using Corelight and Zeek to support remote workers

March 25, 2020 by Richard Bejtlich

By Richard Bejtlich, Principal Security Strategist, Corelight Due to the tragic Covid-19 pandemic, as we are all experiencing first hand, most governments and health officials are either mandating or encouraging those who can work from home to do ... Read more »

  • « Go to Previous Page
  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Go to page 4
  • Go to page 5
  • Interim pages omitted …
  • Go to page 10
  • Go to Next Page »

Primary Sidebar

Search

Recent Posts

  • Extending NDR visibility in AWS IaaS
  • Maximize your Splunk ES investment with Corelight
  • Exchange exploitation and architecting for visibility
  • Translating query into action
  • Getting the most out of your NIDS

Categories

Archives

Tags

Bro conn.log Corelight Corelight Sensor cybersecurity DNS Elastic encrypted traffic encryption files.log GitHub HTTP HTTPS IDS incident response ja3 ja3s JSON logs MITRE ATT&CK NDR network security Network Security Monitoring network traffic analysis network visibility NSM NTA open source open source community PCAP Richard Bejtlich SANS SIEM Sigma SOC Splunk SSH SSL ssl.log Suricata TCP TLS TLS 1.3 Vern Paxson Zeek

Footer

Use Cases

  • Our Use Cases
  • MITRE ATT&CK
  • Government
  • Enterprise
  • Higher Education
  • Why Corelight

Products

  • Zeek
  • Suricata
  • Collections
  • Appliance Sensors
  • Cloud Sensors
  • Software Sensor
  • Virtual Sensors
  • Fleet Manager
  • Compare to open Source Zeek

Company

  • About Corelight
  • Awards
  • Careers
  • Events
  • News Coverage
  • Media Kit

Resources

  • Support Overview
  • Open A Support Ticket
  • Product Training
  • Case Studies
  • Video
  • Github
  • Scripts + Packages
  • Zeek Community

Follow us

  • facebook
  • twitter
  • linkedin
  • github
  • reddit
  • youtube

Copyright © 2021 · Corelight, Inc. · All rights reserved. · Privacy Policy · Terms of Use