Open Source Community
Who Owns Open Source Security?
According to a recent report by the Internet Security Forum, open source software (OSS) is quickly becoming a pillar within enterprise infrastructure. In fact, OSS is now used in 99% of commercial ...
Detecting Zerologon (CVE-2020-1472) with Zeek
By Yacin Nadji, Corelight Security Researcher
CVE-2020-1472 aka Zerologon, disclosed by Tom Tervoort of Secura, is an illustrative case study of how a small implementation mistake in cryptographic routines cascades into a ...
Meet the Corelight CTF tournament winners
By John Gamble, Director of Product Marketing, Corelight
This summer, Corelight hosted a virtual CTF tournament where hundreds of players raced to solve security challenges using Zeek data in Splunk and Elastic ...
Together is faster: Zeek for vulnerabilities
“There is an open approach that is currently rippling across the infosec industry that could give defenders the acceleration they need.” – John Lambert (Distinguished Engineer, Microsoft)
By Greg Bell, CEO of ...
Ripple20 Zeek package open sourced
By Ben Reardon, Corelight Security Researcher
Recently, security research group JSOF released 19 vulnerabilities related to the “Treck” TCP/IP stack. This stack exists on many devices as part of the supply chain ...
Detecting GnuTLS CVE-2020-13777 using Zeek
By Johanna Amann, Software Engineer, Corelight
CVE-2020-13777 is a high severity issue in GnuTLS. In a nutshell, GnuTLS versions between 3.6.4 (released 2018-09-24) and 3.6.14 (2020-06-03) have a serious bug in their ...
Day 1 Detection: CVE-2020-0601, a community, and 40 Lines of code
By Richard Bejtlich, Principal Security Strategist, Corelight
On Tuesday, Jan. 14, 2020, the world learned of the vulnerability du jour, CVE-2020-0601. As explained by Microsoft, “a spoofing vulnerability exists in the way ...

