Introducing the Cloud Sensor for GCP

Introducing the Cloud Sensor for GCP

By Vijit Nair, Sr. Director, Product Management, Corelight Visibility is paramount in securing your cloud environment – as the adage goes, you cannot protect what you do not see. However, comprehensive visibility ...
Raspberry Pi sensors for home networks

Who’s your fridge talking to at night?

By Gary Fisk, Sales Engineer, Corelight I love origin stories – the tales of grand plans, unforeseen circumstances, and necessity that creates something new. These strange times have resulted in something new ...
Small, fast and easy. Pick any three.

Small, fast and easy. Pick any three.

By Seth Hall, Co-Founder & Chief Evangelist, Corelight Zeek has been the darling of security defenders looking to get deep visibility into network traffic. Over the last two decades, Zeek has become ...
Community detection: CVE-2020-16898

Community detection: CVE-2020-16898

By Ben Reardon, Corelight Security Researcher This month’s Microsoft Patch Tuesday included a severe Remote Code Execution vulnerability in the way that Windows TCP/IP handles IPv6 “Router Advertisement” ICMP messages. Due to ...
Community ID support for Wireshark

Community ID support for Wireshark

By Christian Kreibich, Principal Engineer, Corelight The past few weeks have seen several developments around Community ID, our open standard for rendering network traffic flow tuples into a concise textual representation. I’d ...
Mixed VLAN tags and BPF syntax

Mixed VLAN tags and BPF syntax

By Richard Bejtlich, Principal Security Strategist, Corelight This post contains a warning and a solution for anyone using BPF syntax when filtering traffic for network security monitoring.  Introduction I have been writing ...
Analyzing Encrypted RDP Connections

Analyzing Encrypted RDP Connections

By Anthony Kasza, Corelight Security Researcher Microsoft’s Remote Desktop Protocol (RDP) is used to remotely administer systems within Windows environments. RDP is everywhere Windows is and is useful for conducting remote work ...

Threat Alert: TCP Reflection Attacks

Throughout 2019, Radware’s Threat Research Center (TRC) and Emergency Response Team (ERT) have been monitoring and defending against an increasing number of TCP reflection attacks. TCP reflection attacks, such as SYN-ACK reflection ...
An Overview of the TCP Optimization Process

An Overview of the TCP Optimization Process

The Transmission Control Protocol (TCP) drives major internet operations such as video streaming, file transfers, web browsing, and communications, accounting for very high percentages of fixed access internet traffic and even more ...