Don’t Count on Cybersecurity Data

It is a common theme of mine, but one which bears repeating. We collect and disseminate all manner of data, but not so much of data which count. In an article by ...

Maximize your Splunk ES investment with Corelight

By Roger Cheeks, US-East Sales Engineer, Corelight
Are you looking to threat hunt but lack sufficient network and IDS data? Have you tried to accelerate your incident response process with better data, ...

Getting the most out of your NIDS

By Jon Natkins, Product Manager, Corelight
Network Intrusion Detection Systems (NIDS) are widely deployed by the most sophisticated blue teams in the world. For well-funded organizations, there is little question about the ...

How Better Network Instrumentation Eliminates Security Risks – Q&A with Chief Product Officer Andre Ludwig

Today we’re discussing network instrumentation with Bricata Chief Product Officer Andre Ludwig. Our interview covers why instrumentation is needed, the state of network instrumentation in most enterprises today, the risks of not ...


Sniffing Decrypted TLS Traffic with Security Onion

Wouldn't it be awesome to have a NIDS like Snort, Suricata or Zeek inspect HTTP requests leaving your network inside TLS encrypted HTTPS traffic? Yeah, we think so too! We have therefore ...

Open Source Security Software: Takeaways from a Case Study on DIY Fatigue

Open source security software can cause teams to spend more time maintaining a tool than securing their network – this case study describes how Bricata solves that challenge ...

ZeekWeek 2019: 5 Things Network Security Pros Should Know about Zeek

As the annual ZeekWeek conference kicks off – here are 5 things network security professionals should know about Zeek ...

6 Tips for Building an Effective SOC

A presentation from RSA Unplugged 2019 offers several tips to security leaders seeking to build or improve their security operations center (SOC) ...

7 Threat Hunting Benchmarks from a Survey of Security Pros

Threat hunting aims to find threats that didn’t trigger an alert, yet it’s still a new concept for many, so these threat hunting benchmarks are useful waypoints ...