By Sarah Banks, Senior Director of Product Management, Corelight With almost two decades of networking experience, I recently made my first foray into a security-centric user conference at Zeek Week, an annual conference for the user community of ... Read more »
Zeek
An attack or just a game? Corelight can help you tell the difference quickly
By Richard Bejtlich, Principal Security Strategist, Corelight When we think about using Corelight data, our mental models often fixate on finding evidence of suspicious and malicious activity. This makes sense, as network security monitoring data ... Read more »
Don’t Delay – Corelight Today!
By Richard Bejtlich, Principal Security Strategist, Corelight Introduction Recently I heard that a company interested in Corelight was considering delaying their evaluation because of questions about SIEM technology. They currently have two ... Read more »
What did I just see? Detection, Inference, and Identification
By Richard Bejtlich, Principal Security Strategist, Corelight In the course of my network security monitoring work at Corelight, I’ve encountered the terms detection, inference, and identification. In this post I will examine what these t ... Read more »
Profiling Whonix
By Richard Bejtlich, Principal Security Strategist, Corelight Introduction This week I read a story announcing that the latest edition of Whonix had been released. I had heard of Whonix, but had never tried it. I knew it was a Linux ... Read more »