Community ID support for Wireshark

Christian Kreibich | October 7, 2020 | Community ID, json, NDR, network detection response, Network Security, network security monitoring, pcap, Product, python, TCP, tshark, Wireshark, Zeek

By Christian Kreibich, Principal Engineer, Corelight The past few weeks have seen several developments around Community ID, our open standard for rendering network traffic flow tuples into a concise textual representation. I’d ...

Bright Ideas Blog

Give me my stats!

Keith J. Jones | September 21, 2020 | Corelight Labs, MyStatsInfo, network detection response, network security monitoring, network traffic analysis, network visibility, scripts, Zeek, zeek logs

By Keith J. Jones, Corelight Sr. Security Researcher I often develop packages for Zeek in cluster mode. In this configuration, it can be difficult to debug your package because it is a ...

Bright Ideas Blog

Zeek & Sigma: Fully Compatible for Cross-SIEM Detections

Alex Kirk | June 25, 2020 | encrypted traffic collection, Joe Sandbox, Microsoft Azure, MISP, NDR, network detection response, Network Security, network traffic analysis, network visibility, partnership, SANS, SIEM, Sigma, SOC, SOC Prime, Yara, Zeek

By Alex Kirk, Corelight Global Principal for Suricata Corelight recently teamed up with SOC Prime, creators of advanced cyber analytics platforms, to add support for the entire Zeek data set into Sigma, ...

Bright Ideas Blog

network detection response

Community ID support for Wireshark

Give me my stats!

Zeek & Sigma: Fully Compatible for Cross-SIEM Detections

The Future of Multi-Cloud Security: A Look Ahead at Intelligent Cloud Security Posture Management Solutions

Prevent Catastrophic Data Loss in the Cloud

CISO Roundtable: What We’ve Heard, and What We’re Looking Forward To