Small, fast and easy. Pick any three.

By Seth Hall, Co-Founder & Chief Evangelist, Corelight

Zeek has been the darling of security defenders looking to get deep visibility into network traffic. Over the last two decades, Zeek has become ...

Beating alert fatigue with integrated data

By Alex Kirk, Corelight Global Principal for Suricata

More than 15 years after Gartner declared that “IDS is dead” because it was too noisy to be effectively managed, alert fatigue continues to ...

Suricata or Zeek? The answer is both.

If you apply Pareto’s Principle (the 80/20 rule) to network security, about 80% of incidents are caused by known threats that are easily identified by a signature-based rules system and 20% come from ...

Zeek in its sweet spot: Detecting F5’s Big-IP CVE10 (CVE-2020-5902)

By Ben Reardon, Corelight Security Researcher

Having a CVE 10 unauthenticated Remote Code Execution vulnerability on a central load balancing device? That’s bad… Not being able to detect when a threat actor ...

Corelight Splunk App update: new dashboard and data

By Roger Cheeks, US-East Sales Engineer, Corelight

In support of Corelight’s latest software release, v19, we are pleased to launch our newest installment of the Corelight App for Splunk (Corelight App) and ...

Chocolate and Peanut Butter, Zeek and Suricata

By Brian Dye, Chief Product Officer, Corelight

Some things just go well together. A privilege of working with very sophisticated defenders in the open source community is seeing the design patterns they ...

The light shines even brighter: Updates to Corelight’s Encrypted Traffic Collection

By Vince Stoffer, Senior Director, Product Management, Corelight

With Corelight’s latest software release, v19, we are excited to announce the expansion of our Encrypted Traffic Collection (ETC). The ETC was introduced in ...

Four Key Elements for Comprehensive Network Threat Detection

Today’s cybersecurity landscape is a mix of old and new threats. Many of the attacks that organizations encounter involve legacy malware and techniques that are repackaged and reused (this post from security ...