Hot Topics

encrypted traffic

Top 6 Questions to Ask When Selecting SSL Protection Solutions

| | Cyber Security, DDoS attacks, encrypted attacks, encrypted traffic, encryption, HTTPS, ssl, SSL Security
There is no one-size-fits-all solution for SSL protection. Each organization has its own unique priorities, business needs, sensitivities, and privacy needs. The post Top 6 Questions to Ask When Selecting SSL Protection ...
Radware Blog
Introducing RDP Inferences

Introducing RDP Inferences

| | Alert AA21-131A, Announcements, APT39, APT40, Corelight Labs, Crowbar, DarkSide ransomware, Duo, Emotet, encrypted traffic, encrypted traffic collection, JA3, Matrix ransomware, network detection response, Network Security, network security monitoring, network traffic analysis, network visibility, Palo Alto Networks, RDP, RDPBCGR, Richard Bejtlich, rsa, RSAConference, Vern Paxson, Zeek, Zscaler
By Anthony Kasza, Technical Director, Corelight Corelight recently released a new package, focused on RDP inferences, as part of our Encrypted Traffic Collection. This package runs on Corelight Sensors and provides network ...
Bright Ideas Blog
Detecting SUNBURST/Solarigate activity in retrospect with Zeek – a practical example

Detecting SUNBURST/Solarigate activity in retrospect with Zeek – a practical example

| | Corelight Labs, DFIR, encrypted traffic, Industry, Solarigate, SolarWinds, SUNBURST, TLS, Zeek, zeek logs
Ben Reardon – Corelight Labs Researcher The threat actors who created SUNBURST went to extraordinary lengths to hide Command-and-Control (C2) traffic by mimicking the nature of communication patterns used by legitimate software ...
Bright Ideas Blog
Corelight Splunk App update: new dashboard and data

Corelight Splunk App update: new dashboard and data

| | Announcements, Community ID, Corelight Technical Add-on, ECS, EDR, encrypted traffic, ETC, HELK, MISP, NDR, osquery, partnership, SOC, Splunk, SSH, Suricata
By Roger Cheeks, US-East Sales Engineer, Corelight In support of Corelight’s latest software release, v19, we are pleased to launch our newest installment of the Corelight App for Splunk (Corelight App) and ...
Bright Ideas Blog

The light shines even brighter: Updates to Corelight’s Encrypted Traffic Collection

| | agent forwarding, Announcements, Authentication, Chrome, dns, DoH, encrypted traffic, encrypted traffic collection, Firefox, network security monitoring, network traffic analysis, network visibility, reverse tunnel, SSH, Suricata, Zeek
By Vince Stoffer, Senior Director, Product Management, Corelight With Corelight’s latest software release, v19, we are excited to announce the expansion of our Encrypted Traffic Collection (ETC). The ETC was introduced in ...
Bright Ideas Blog
Encryption = Privacy ≠ Security

Encryption = Privacy ≠ Security

| | Adversarial AI, Blog, Cloud Security, Data breach, Data Privacy, encrypted traffic, Network Baselines, Network Detection and Response, Network Security, network traffic analysis, Self-Supervised AI, threat detection, Zero Day Attacks
For the past few years, many have been talking about the changing “threat landscape” as it pertains to the increase in zero day, insider and phishing threats. While all of these threats ...
MixMode