By Richard Bejtlich, Principal Security Strategist, Corelight When we hear the phrase “first, do no harm,” most of us think of the Hippocratic Oath and its guidance for physicians. I was surprised to learn that the phrase as translated does no ... Read more »
NSM
Astronomers and Chemists
By Brian Dye, Chief Product Officer, Corelight Scale is a great word, because its meaning is truly in the eye of the beholder. To an astronomer, it might mean millions of light years. To a chemist, nanometers. In the network ... Read more »
Examining aspects of encrypted traffic through Zeek logs
By Richard Bejtlich, Principal Security Strategist, Corelight In my last post I introduced the idea that analysis of encrypted HTTP traffic requires different analytical models. If you wish to preserve the encryption (and not inspect it via a ... Read more »
Network security monitoring is dead, and encryption killed it.
By Richard Bejtlich, Principal Security Strategist, Corelight This post is part of a multi-part series on encryption and network security monitoring. This post covers a brief history of encryption on the web and investigates the security analysis ... Read more »
Monitoring. Why Bother?
By Richard Bejtlich, Principal Security Strategist, Corelight In response to my previous article in this blog series, some readers asked “why monitor the network at all?” This question really struck me, as it relates to a core assumption of mine. In ... Read more »