By Richard Bejtlich, Principal Security Strategist, Corelight Vendors often claim that their products or services counter, mitigate, or otherwise affect “nation state threats.” When I worked as a director of incident response at one company, ... Read more »
Zeek
12 talks to see at RSA 2020
By Richard Bejtlich, Principal Security Strategist, Corelight RSA 2020 is fast approaching, and a colleague asked what talks I planned to attend. As I am not attending RSA, I thought I would answer her question anyway, with the hopes that those ... Read more »
Corelight ECS mapping: Unified Zeek data for more efficient analytics
By Ed Smith, Senior Product Marketing Manager, Corelight In addition to other great news we’ve recently shared, I’m pleased to announce that Corelight sensors now support the Elastic Common Schema (ECS) via our Corelight ECS Mapping. If you’re n ... Read more »
Day 1 detection: CVE-2020-0601, a community, and 40 lines of code
By Richard Bejtlich, Principal Security Strategist, Corelight On Tuesday, Jan. 14, 2020, the world learned of the vulnerability du jour, CVE-2020-0601. As explained by Microsoft, “a spoofing vulnerability exists in the way Windows CryptoAPI ( ... Read more »
Finding truth in the cloud: Google Cloud Packet Mirroring and Corelight Network Traffic Analysis
By Vijit Nair, Sr. Director Product Management, Corelight “Remember, all I’m offering is the truth” - Morpheus, from the movie Matrix (1999) There is a great scene at the end of Matrix where a fallen Neo resurrects himself and breaks past the il ... Read more »