Richard Bejtlich

Introducing RDP Inferences
Anthony Kasza | Alert AA21-131A, Announcements, APT39, APT40, Corelight Labs, Crowbar, DarkSide ransomware, Duo, Emotet, encrypted traffic, encrypted traffic collection, JA3, Matrix ransomware, network detection response, Network Security, network security monitoring, network traffic analysis, network visibility, Palo Alto Networks, RDP, RDPBCGR, Richard Bejtlich, rsa, RSAConference, Vern Paxson, Zeek, Zscaler
By Anthony Kasza, Technical Director, Corelight Corelight recently released a new package, focused on RDP inferences, as part of our Encrypted Traffic Collection. This package runs on Corelight Sensors and provides network ...
Network Security Monitoring data: Types I, II, and III
Richard Bejtlich | CIRT, EDR, encryption, endpoint detection and response, network security monitoring, network traffic analysis, nsm, Richard Bejtlich
By Richard Bejtlich, Principal Security Strategist, Corelight Some critics claim that ever growing encryption renders network security monitoring useless. This opinion is based on a dated understanding of the types and values ...
The Election Is Six Months Away. Now Is the Time to Instrument Election Infrastructure.
Richard Bejtlich | Cybersecurity, election infrastructure, Election Security, Industry, network security monitoring, Richard Bejtlich
By Richard Bejtlich, Principal Security Strategist, Corelight Elections have two critical components. The first is the conduct of the election as visible to the participants. The second is the hidden aspect, that ...

Enabling SOHO Network Security Monitoring
Richard Bejtlich | CPE, iot, ISP, lan, network security monitoring, network traffic analysis, Richard Bejtlich, SOHO, Verizon FIOS
By Richard Bejtlich, Principal Security Strategist, Corelight One of the most popular and regularly occurring questions I see in network security monitoring forums involves how to instrument a small office – home ...
Using Corelight and Zeek to Support Remote Workers
Richard Bejtlich | COVID-19, Industry, network security monitoring, network traffic analysis, remote workers, Richard Bejtlich, VPN, Zeek
By Richard Bejtlich, Principal Security Strategist, Corelight Due to the tragic Covid-19 pandemic, as we are all experiencing first hand, most governments and health officials are either mandating or encouraging those who ...
Day 1 Detection: CVE-2020-0601, a community, and 40 Lines of code
Richard Bejtlich | CVE-2020-0601, Elliptic Curve Cryptography, GitHub, Microsoft, NetFlow, network security monitoring, open source, Open Source Community, Richard Bejtlich, vulnerability, Windows CryptoAPI, Zeek
By Richard Bejtlich, Principal Security Strategist, Corelight On Tuesday, Jan. 14, 2020, the world learned of the vulnerability du jour, CVE-2020-0601. As explained by Microsoft, “a spoofing vulnerability exists in the way ...