Networks and data volumes are evolving so fast that security tools and teams are having a hard job keeping up. Faced with an inundation of alerts, it’s a relentless challenge to determine where the real threats lie. Thousands of SecOps teams already use the open-source software Bro to help with threat hunting. It’s a firm favourite of those who know it and might be familiar to you too. It was created 22 years ago by the legendary Vern Paxson, Professor of Computer Science at the University of California, Berkeley. Check out this video for a short explanation:
Bro (now known as Zeek) feeds better data to your existing analytics stack, so your time can be better spent looking for attackers, in the right places. It separates the thousands of network events it detects each second from the policies those events might trigger and contextualises all the metadata it collects by identifying logs that relate to one another. Its easy-to-interpret output files therefore allow you to make decisions based on real circumstances rather than on a system that just says there’s a problem. It’s certainly powerful – but Bro itself can be time-consuming to learn and customise regularly taking 18-24 months to set up.
That’s why we’d like you to meet Corelight, the Enterprise-grade version of Bro and platinum sponsor of the Bro open-source project. Corelight’s founder and Chief Scientist is none other than Vern Paxson, who originally established the company to provide professional services to Bro users to help speed up their adoption.
Their flagship product, the Corelight Sensor, is supported by the top Bro experts in the world. It’s designed from the ground up to offer enterprise scale, optimised file extraction and includes some of the hardest-to-achieve Bro functionality out of the box. It also comes with all the necessary APIs and development to enable a 15-30-minute implementation, saving you all that lengthy customisation time. All you need to do is provide the traffic feed and specify where to send your logs and extracted files so you can start benefitting from better data immediately.
We think you’ll love Corelight, because it saves time and makes threat hunting so much easier. Contact us through firstname.lastname@example.org to request a demo.
We’re using cookies to give you the best experience on our website.
You can find out more about which cookies we use, or switch them off by clicking ‘More Information’. Here, you’ll also find links to our Privacy and Cookie Policies, which explain how we process your personal data.
Do you accept all cookies?
Cookies are small files containing information that enables a website to recognise you. They’re downloaded to the device you use when you visit a website and sent back to that website each time you re-visit, or sent to another website that recognises the same cookie.
Strictly necessary cookies include session cookies and persistent cookies. Session cookies keep track of your current visit and how you navigate the site. They only last for the duration of your visit and are deleted from your device when you close your Internet browser. Persistent cookies last after you’ve closed your Internet browser and enable our website to recognise you as a repeat visitor and remember your actions and preferences when you return.
These cookies are strictly necessary and should always be enabled so we can save your preferences for cookie settings.
Third Party Cookies
Third party cookies include performance cookies and targeting cookies. Performance cookies collect information about how you use a website, e.g. which pages you go to most often, and if you get error messages from web pages. These cookies don’t collect information that identifies you personally as a visitor, although they might collect the IP address of the device you use to access the site. Targeting cookies collect information about your browsing habits. They are usually placed by advertising networks such as Google. The cookies remember that you have visited a website and this information is shared with other organisations such as media publishers.
Keeping these cookies enabled helps us to improve our website and display content that is more relevant to you and your interests across the Google content network.
Please enable Strictly Necessary Cookies first so that we can save your preferences!