How to Find Lateral Movement and Reduce Dwell Times with Zeek, MITRE ATT&CK™ and the BZAR Project
Interested in finding lateral movement in your environment? Needing better east-west traffic visibility? You can with MITRE ATT&CK™, BZAR, and open source Zeek.
Corelight makes powerful network security monitoring (NSM) solutions that transform network traffic into rich logs, extracted files, and security insights, helping security teams achieve more effective incident response, threat hunting, and forensics. Corelight Sensors run on Zeek (formerly called “Bro”), the open-source NSM tool used by thousands of organizations worldwide. Corelight’s family of network sensors dramatically simplify the deployment and management of Zeek and expand its performance and capabilities. Corelight is based in San Francisco, California and its global customers include Fortune 500 companies, large government agencies, and major research universities.
