By Richard Bejtlich, Principal Security Strategist, Corelight Network and security infrastructure, such as routers, switches, firewalls, virtual private network concentrators, and other equipment, are designed to provide a stable and secure ... Read more »
Richard Bejtlich
An attack or just a game? Corelight can help you tell the difference quickly
By Richard Bejtlich, Principal Security Strategist, Corelight When we think about using Corelight data, our mental models often fixate on finding evidence of suspicious and malicious activity. This makes sense, as network security monitoring data ... Read more »
A conversation with GE’s former CIO on three keys to CIRT success
By Richard Bejtlich, Principal Security Strategist, Corelight Earlier this month during Black Hat I had the good fortune to speak with Gary Reiner, a business leader for whom I have an immense amount of respect. Gary was the chief information ... Read more »
Don’t delay – Corelight today!
By Richard Bejtlich, Principal Security Strategist, Corelight Introduction Recently I heard that a company interested in Corelight was considering delaying their evaluation because of questions about SIEM technology. They currently have two ... Read more »
What did I just see? Detection, inference, and identification
By Richard Bejtlich, Principal Security Strategist, Corelight In the course of my network security monitoring work at Corelight, I’ve encountered the terms detection, inference, and identification. In this post I will examine what these ... Read more »