Hot Topics

network detection response

Smart PCAP and threat detection in the cloud

| | network detection response, Network Security, network security monitoring, network traffic analysis, pcap, Product, SIEM, Smart PCAP, SOC, SUNBURST, Suricata, Zeek
I am thrilled to publicly launch Corelight software version 22, which introduces a transformative new security product, Smart PCAP, and also enables threat detection in the cloud by extending Corelight’s Open NDR ...
Bright Ideas Blog
Telegram Zeek, you’re my main notice

Telegram Zeek, you’re my main notice

| | Corelight Labs, Corelight@Home, NetControl, network detection response, Network Security, network security monitoring, network traffic analysis, network visibility, Notice Framework, TCP, Telegram, Zeek
Notices in Zeek Zeek’s Notice Framework enables network operators to specify how potentially interesting network findings can be reported. This decoupling of detection and reporting highlights Zeek’s flexibility: a notice-worthy event in ...
Bright Ideas Blog

What’s next for the National Cyber Director?

| | Chris Inglis, cisa, Cybersecurity, Federal, Industry, Kaseya, National Cyber Director, National Cyber Strategy, network detection response, Network Security, network security monitoring, Ransomware, rEvil
By Jean Schaffer, Federal CTO, Corelight As the first National Cyber Director begins to settle into office, private industry is very hopeful that this will be one of the turning points to ...
Bright Ideas Blog
PrintNightmare, SMB3 encryption, and your network

PrintNightmare, SMB3 encryption, and your network

| | Corelight Labs, CVE-2021-1675, CVE-2021-34527, DCE/RPC, dll, encryption, NDR, network detection response, Network Security, PrintNightmare, SMB3, Zeek
By Yacin Nadji and Ben Reardon, Corelight Security Researchers CVE-2021-1675, also tracked in CVE-2021-34527, is a remote code execution vulnerability that targets the Windows Print Spooler service. In a nutshell, there is ...
Bright Ideas Blog

What the Cyber EO means for federal agencies

| | Chris Inglis, Cybersecurity, Defense Federal Acquisition Regulation, executive order, Federal, Federal Acquisition Regulation, Industry, Jean Schaffer, Mandiant, network detection response, Network Security, network security monitoring, network traffic analysis, network visibility, nsa, President Biden, Snowden, SUNBURST, Zeek, zero trust
By Jean Schaffer, Federal CTO, Corelight For those of us who have spent our careers working in cybersecurity, President Biden’s recent “Executive Order on Improving the Nation’s Cybersecurity,” (EO) held no surprises ...
Bright Ideas Blog

World’s first 100G Zeek sensor

| | 100G, Announcements, AP 5000, Command And Control, Fleet Manager, intrusion detection, Lawrence Berkeley Labs, network detection response, Network Security, network security monitoring, network traffic analysis, network visibility, open source, Open Source Community, Product, RDP, SIEM, Suricata, Zeek
By Sarah Banks, Senior Director of Product Management, Corelight As we finished rolling out Corelight’s v21 software release, which saw the delivery of the world’s first 100G, 1U Zeek sensor, I was ...
Bright Ideas Blog
Introducing RDP Inferences

Introducing RDP Inferences

| | Alert AA21-131A, Announcements, APT39, APT40, Corelight Labs, Crowbar, DarkSide ransomware, Duo, Emotet, encrypted traffic, encrypted traffic collection, JA3, Matrix ransomware, network detection response, Network Security, network security monitoring, network traffic analysis, network visibility, Palo Alto Networks, RDP, RDPBCGR, Richard Bejtlich, rsa, RSAConference, Vern Paxson, Zeek, Zscaler
By Anthony Kasza, Technical Director, Corelight Corelight recently released a new package, focused on RDP inferences, as part of our Encrypted Traffic Collection. This package runs on Corelight Sensors and provides network ...
Bright Ideas Blog

Introducing the C2 Collection and RDP inferences

| | Announcements, Command And Control, encrypted traffic collection, encryption, Malware, MITRE ATT&CK, network detection response, Network Security, network security monitoring, network traffic analysis, network visibility, Product, RDP, rsa, RSAConference, Zeek
By Vince Stoffer, Senior Director, Product Management, Corelight We’re excited to announce that the Command and Control (C2) Collection is now available with today’s launch of version 21 of the Corelight software ...
Bright Ideas Blog

C2 detections, RDP insights and NDR at 100G

| | Announcements, Command And Control, MITRE ATT&CK, network detection response, Network Security, network security monitoring, network traffic analysis, network visibility, Product, RDP, rsa, RSAConference, SANS, Webinar, Zeek
By John Gamble, Director of Product Marketing, Corelight Today I am excited to announce Corelight’s v21 release, which delivers dozens of powerful C2 detections, extends analyst visibility around RDP connections, and helps ...
Bright Ideas Blog

How do you know?

| | Announcements, CISO, Command And Control, network detection response, Network Security, network security monitoring, network traffic analysis, network visibility, SOC
By Charles Strauss, Senior Brand Copywriter, Corelight Can you be sure attackers aren’t hiding in your encrypted traffic? Can your investigators go back 18 months ago to find what they need? Do ...
Bright Ideas Blog
Load more