Hot Topics

Suricata

PCAP over IP

What is PCAP over IP?

| | Arkime, ncat, netcat, NetworkMiner, Packetbeat, pcap, PCAP-over-IP, PolarProxy, Suricata, tcpdump, tcpreplay, tshark, Wireshark, Zeek
PCAP-over-IP is a method for reading a PCAP stream, which contains captured network traffic, through a TCP socket instead of reading the packets from a PCAP file. A simple way to create ...
NETRESEC Network Security Blog

Smart PCAP and threat detection in the cloud

| | network detection response, Network Security, network security monitoring, network traffic analysis, pcap, Product, SIEM, Smart PCAP, SOC, SUNBURST, Suricata, Zeek
I am thrilled to publicly launch Corelight software version 22, which introduces a transformative new security product, Smart PCAP, and also enables threat detection in the cloud by extending Corelight’s Open NDR ...
Bright Ideas Blog

World’s first 100G Zeek sensor

| | 100G, Announcements, AP 5000, Command And Control, Fleet Manager, intrusion detection, Lawrence Berkeley Labs, network detection response, Network Security, network security monitoring, network traffic analysis, network visibility, open source, Open Source Community, Product, RDP, SIEM, Suricata, Zeek
By Sarah Banks, Senior Director of Product Management, Corelight As we finished rolling out Corelight’s v21 software release, which saw the delivery of the world’s first 100G, 1U Zeek sensor, I was ...
Bright Ideas Blog
Pingback: ICMP Tunneling Malware

Pingback: ICMP Tunneling Malware

| | Corelight Labs, Detection, Echo Reply, Echo Request, ICMP, ICMP RFC 792, IP, Malware, network detection response, network security monitoring, network traffic analysis, pingback, Suricata, Trustwave, Zeek
By Keith Jones, Anthony Kasza and Ben Reardon, Security Researchers, Corelight Introduction Recently, Trustwave reported on a new malware family which they discovered during a breach investigation. The backdoor, dubbed Pingback, executes ...
Bright Ideas Blog
Building a modern observability stack - Humio + Corelight webcast

CrowdStrike + Corelight partner to reach new heights

| | CrowdStrike, data, data lake, EDR, endpoint detection and response, Humio, MITRE ATT&CK, NDR, network detection response, Network Security, network security monitoring, partnership, SaaS, Security Operations Center, SIEM, SOC, Suricata, Threat Hunting, Threat Intelligence, Zeek
By Lana Knop, Chief Product Officer, Corelight Through our newly announced partnership with CrowdStrike, Corelight customers will be able to incorporate CrowdStrike’s best-in-class threat intelligence into Corelight Sensors to generate actionable alerts ...
Bright Ideas Blog

Extending NDR visibility in AWS IaaS

| | Amazon GuardDuty, aws, dns, ec2, IaaS, NDR, network security monitoring, partnership, Product, SIEM, SSH, SSL-TLS, SUNBURST, Suricata, VPC traffic mirroring, Zeek
By Vijit Nair, Sr. Director, Product Management, Corelight Comprehensive visibility is challenging in a cloud environment. While these environments are rich sources of telemetry and logs, it is challenging for security teams ...
Bright Ideas Blog
Getting the most out of your NIDS

Getting the most out of your NIDS

| | Cisco Talos, CMDB, CVE, dns, HTTPS, ids, IOC, NDR, network security monitoring, NIDS, NTA, OPEN ruleset, Proofpoint Emerging Threats, ServiceNow, SOAR, SOC, Suricata, Windows Server, Zeek
By Jon Natkins, Product Manager, Corelight Network Intrusion Detection Systems (NIDS) are widely deployed by the most sophisticated blue teams in the world. For well-funded organizations, there is little question about the ...
Bright Ideas Blog

Experience Bricata Network Detection and Response in Minutes

| | Blog, Cyber Threats, Cybersecurity, network analysis, network metadata, signature threat detection, Suricata, threat detection, Threat Hunting, Zeek
Bricata Labs is a quick and easy way for security analysts and threat hunters to experience the full power of the Bricata network detection and response solution. In less than five minutes, ...
Bricata | Network Detection & Response | Visibility & Analytics | Threat Hunting
Introducing the Cloud Sensor for GCP

Introducing the Cloud Sensor for GCP

| | Announcements, aws, google, Google GCP, Google Kubernetes, IaaS, json, Kafka, Microsoft Azure, MTU, Product, SIEM, SOC, Splunk, Suricata, syslog, TAPs, TCP, Terraform, vpc, Zeek
By Vijit Nair, Sr. Director, Product Management, Corelight Visibility is paramount in securing your cloud environment – as the adage goes, you cannot protect what you do not see. However, comprehensive visibility ...
Bright Ideas Blog
Raspberry Pi sensors for home networks

Who’s your fridge talking to at night?

| | Announcements, [email protected], COVID-19, Elastic, home networks, Humio, Industry, json, Kafka, Linux, NDR, network security monitoring, open source, Raspberry Pi, redis, SANS, Seth Hall, Splunk, Suricata, syslog, TCP, Zeek
By Gary Fisk, Sales Engineer, Corelight I love origin stories – the tales of grand plans, unforeseen circumstances, and necessity that creates something new. These strange times have resulted in something new ...
Bright Ideas Blog
Load more