Chocolate and Peanut Butter, Zeek and Suricata

By Brian Dye, Chief Product Officer, Corelight. Some things just go well together. A privilege of working with very sophisticated defenders in the open source community is seeing the design patterns they ...

The light shines even brighter: Updates to Corelight’s Encrypted Traffic Collection

By Vince Stoffer, Senior Director, Product Management, Corelight. With Corelight's latest software release, v19, we are excited to announce the expansion of our Encrypted Traffic Collection (ETC). The ETC was introduced in ...

Four Key Elements for Comprehensive Network Threat Detection

Today’s cybersecurity landscape is a mix of old and new threats. Many of the attacks that organizations encounter involve legacy malware and techniques ...
Network drawing with Clients, SecurityOnion and the Internet

Sniffing Decrypted TLS Traffic with Security Onion

Wouldn't it be awesome to have a NIDS like Snort, Suricata or Zeek inspect the HTTP requests leaving your network inside TLS-encrypted HTTPS traffic? Yeah, we think so too! We have therefore ...
Bro Befriends Suricata by Michal Purzynski

What is Suricata? Intro to a Best of Breed Open Source IDS and IPS

“ESG research indicates network security monitoring is most often the center of gravity for threat detection. In other words, SOC analysts detect suspicious ...
Pony using curl to set: Accept-Encoding: identity, *;q=0

Detecting the Pony Trojan with RegEx using CapLoader

This short video demonstrates how you can search through PCAP files with regular expressions (regex) using CapLoader and how this can be leveraged in order to improve IDS signatures. ...
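The header the video keys on, `Accept-Encoding: identity, *;q=0`, is specific enough to be turned straight into a detection. The block below is an added example, not CapLoader's code or NETRESEC's: it runs a regex over a few constructed HTTP requests (not real captures) to find ones carrying that header, then hex-escapes the literal into a Suricata `content:` match the way you would when turning a regex hit into a rule. The request bodies, the rule's `msg` text and the `sid` value are assumptions chosen for the example.

```python
import re

# Constructed sample requests (not captured traffic): the first mimics the
# Accept-Encoding header the video attributes to Pony, the other two are benign.
SAMPLE_REQUESTS = [
    b"POST /gate.php HTTP/1.1\r\nHost: example.invalid\r\nUser-Agent: Mozilla/4.0\r\n"
    b"Accept-Encoding: identity, *;q=0\r\nContent-Length: 0\r\n\r\n",
    b"GET / HTTP/1.1\r\nHost: example.invalid\r\nAccept-Encoding: gzip, deflate\r\n\r\n",
    b"GET /a HTTP/1.1\r\nHost: example.invalid\r\naccept-encoding: identity\r\n\r\n",
]

# Anchored at the start of a header line; header name and value are matched
# case-insensitively, whitespace around the colon and comma is tolerated,
# and the value must end the line so "identity, *;q=0, gzip" does not match.
PONY_ACCEPT_ENCODING = re.compile(
    rb"(?im)^Accept-Encoding:[ \t]*identity,[ \t]*\*;q=0[ \t]*\r?$"
)


def find_pony_requests(requests):
    """Return the indices of requests whose Accept-Encoding matches the Pony pattern."""
    return [i for i, req in enumerate(requests) if PONY_ACCEPT_ENCODING.search(req)]


def suricata_content(literal: bytes) -> str:
    """Render bytes as a Suricata/Snort content: value.

    Characters that may not appear raw inside the quotes (; " | \\) and any
    non-printable byte are written as |xx| hex escapes; adjacent escapes are
    merged into one |xx yy| group.
    """
    parts = []
    for b in literal:
        if 0x20 <= b < 0x7F and chr(b) not in ';"|\\':
            parts.append(chr(b))
        else:
            parts.append(f"|{b:02x}|")
    return "".join(parts).replace("||", " ")


def pony_rule(sid: int) -> str:
    """Assemble an HTTP-header rule for the Pony header; sid is a placeholder
    the caller picks from their local rule range (assumption for this example)."""
    content = suricata_content(b"Accept-Encoding: identity, *;q=0")
    return (
        'alert http any any -> any any ('
        'msg:"Pony trojan Accept-Encoding header"; '
        "flow:established,to_server; http.header; "
        f'content:"{content}"; nocase; '
        f"classtype:trojan-activity; sid:{sid}; rev:1;)"
    )


if __name__ == "__main__":
    print("matching requests:", find_pony_requests(SAMPLE_REQUESTS))  # [0]
    print(pony_rule(1000001))
```

The regex here runs over reassembled HTTP request text, not over raw pcap frames as CapLoader does; to apply it to a capture you would first extract the client-to-server stream of each TCP flow. Note also that the header's `;` must be escaped in the rule body, which is exactly the sort of detail `suricata_content` exists to get right when a regex hit is promoted to a signature.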