DNS over TLS and DNS over HTTPS

DNS over TLS and DNS over HTTPS

By Jamie Brim, Corelight Security Researcher In this post, we’ll explore DNS over TLS (DoT) and DNS over HTTPS (DoH). DoT and DoH were invented to address privacy concerns associated with cleartext ...

Chocolate and Peanut Butter, Zeek and Suricata

By Brian Dye, Chief Product Officer, Corelight Some things just go well together. A privilege of working with very sophisticated defenders in the open source community is seeing the design patterns they ...

The light shines even brighter: Updates to Corelight’s Encrypted Traffic Collection

By Vince Stoffer, Senior Director, Product Management, Corelight With Corelight’s latest software release, v19, we are excited to announce the expansion of our Encrypted Traffic Collection (ETC). The ETC was introduced in ...
Detecting GnuTLS CVE-2020-13777 using Zeek

Detecting GnuTLS CVE-2020-13777 using Zeek

By Johanna Amann, Software Engineer, Corelight CVE-2020-13777 is a high severity issue in GnuTLS. In a nutshell, GnuTLS versions between 3.6.4 (released 2018-09-24) and 3.6.14 (2020-06-03) have a serious bug in their ...

The Election Is Six Months Away. Now Is the Time to Instrument Election Infrastructure.

By Richard Bejtlich, Principal Security Strategist, Corelight Elections have two critical components. The first is the conduct of the election as visible to the participants. The second is the hidden aspect, that ...
Enabling SOHO Network Security Monitoring

Enabling SOHO Network Security Monitoring

By Richard Bejtlich, Principal Security Strategist, Corelight One of the most popular and regularly occurring questions I see in network security monitoring forums involves how to instrument a small office – home ...
Watch over DNS traffic with Corelight & Splunk

Watch over DNS traffic with Corelight & Splunk

By Roger Cheeks, Solutions Engineer, Corelight Corelight sensors put your organization in the best position to watch over DNS traffic with a rich, powerful Network Traffic Analysis (NTA) data set. This article ...

Using Corelight and Zeek to Support Remote Workers

By Richard Bejtlich, Principal Security Strategist, Corelight Due to the tragic Covid-19 pandemic, as we are all experiencing first hand, most governments and health officials are either mandating or encouraging those who ...

Getting Network Visibility into East-West Traffic

Getting highly granular “everywhere” visibility continues to be a significant challenge for organizations as they work to protect their networks from threats. Traditionally, ...

The High Ground

By Charles Strauss, Senior Brand Copywriter, Corelight Introducing Corelight’s new story + the value of NTA From the Greek Acropolis to the Space Race, defenders have sought the high ground. Up there, ...