A Network Engineer in a Zeek Week World

By Sarah Banks, Senior Director of Product Management, Corelight
With almost two decades of networking experience, I recently made my first foray into a security-centric user conference at Zeek Week, an annual conference for the user community of the open source network security monitoring platform known as Zeek (formerly Bro) held last month in Seattle. […]

No Tap? No Problem!

By Richard Bejtlich, Principal Security Strategist, Corelight
Recently a fan of network security monitoring (NSM) asked me for advice on his current instrumentation situation. He said his organization was new to NSM and was interested in pursuing solutions with Corelight. However, the company did not have any network taps in place. He wanted to know […]

An attack or just a game? Corelight can help you tell the difference quickly

By Richard Bejtlich, Principal Security Strategist, Corelight
When we think about using Corelight data, our mental models often fixate on finding evidence of suspicious and malicious activity. This makes sense, as network security monitoring data generated by Corelight and Zeek combines the granularity of high-fidelity traffic evidence with the compact features of storage-friendly data. However, […]

Don’t Delay – Corelight Today!

By Richard Bejtlich, Principal Security Strategist, Corelight
Introduction: Recently I heard that a company interested in Corelight was considering delaying their evaluation because of questions about SIEM technology. They currently have two SIEMs and are evaluating a third, possibly to replace the first two. They believed that they needed better clarity about SIEMs as a […]

Bring Network Security Monitoring to the Cloud with Corelight and Amazon VPC Traffic Mirroring

John Gamble, Director of Product Marketing, Corelight
Corelight Sensors transform network traffic into comprehensive logs, extracted files, and custom insights via Zeek, a powerful, open-source network security monitoring framework used by thousands of organizations worldwide to accelerate incident response and unlock new threat hunting capabilities. While the sensors we’ve released to date have supported physical […]

Zeek is much more than a data format

By Greg Bell, CEO at Corelight
Last week, a candidate for a senior role at Corelight explained his motivation for joining the company this way: “the world is standardizing on Zeek.” And it’s true. The Zeek network security monitoring platform, created by leading researcher and Corelight co-founder Vern Paxson, is having its moment. Thousands of organizations worldwide […]

Corelight + Chronicle Backstory: Technology integration brings all the right data at the right time for customers

By Allen Male, Director of Strategic Alliances
At the recent RSA Conference, Chronicle launched Backstory, a new security analytics platform, and we are pleased to share that Corelight is part of the Chronicle Index Partner program. Chronicle Backstory is a global platform designed to help enterprise customers analyze the massive amounts of security telemetry they generate […]

#winning

By Alan Saldich, Chief Marketing Officer, Corelight
2018 was undoubtedly a banner year for Corelight. We closed out 2018 with many successes under our belt that reflect the hard work of our people: We more than quadrupled our sales year-over-year and more than doubled our customer base and employee count; we strengthened our balance sheet and board […]

Twenty years of network security monitoring: from the AFCERT to Corelight

By Richard Bejtlich, Principal Security Strategist, Corelight
I am really fired up to join Corelight. I’ve had to keep my involvement with the team a secret since officially starting on July 20th. Why was I so excited about this company? Let me step backwards to help explain my present situation, and forecast the future. Twenty […]

Another cool thing about Bro: SMB analysis!

By James Schweitzer, Federal Solution Engineer at Corelight
If you’re reading this blog, you probably know that Bro can uncover indicators of compromise and discover adversary lateral movement by monitoring east-west traffic within the enterprise. But you may not know about one of the best sources of data for this purpose, the Bro server message […]