Corelight
Splunk .conf24 reflections - Federated data, resilience, and a parade of fezzes
Fresh from Splunk .conf24, here are some of the key points from throughout the week.
Corelight Bright Ideas Blog
This is the Custom Rich Text module
Feel free to edit this text to reflect your unique voice and message. Tell visitors what you do, why you do it, and what sets you apart.
- All
- Zeek
- Network Security Monitoring
- network security
- featured
- NDR
- network detection response
- Corelight
- cybersecurity
- network traffic analysis
- network visibility
- Bro
- SOC
- Corelight Labs
- Richard Bejtlich
- Product
- SIEM
- open source
- Announcements
- threat hunting
- BlackHat
- Industry
- Suricata
- Splunk
- DNS
- PCAP
- TLS
- open source community
- Corelight Sensor
- NSM
- Partnership
- HTTP
- MITRE ATT&CK
- GitHub
- Incident response
- network evidence
- Zeek Logs
- encrypted traffic
- SSH
- microsoft
- encrypted traffic collection
- JSON
- Detection
- IDS
- NOC
- command and control
- encryption
- ja3
- AWS
- HTTPS
- SSL
network detection response
Simplify SOC analyst experience with the enhanced Corelight Splunk App
RSA 2024 is a wrap. Here are the biggest takeaways from conversations with security leaders and partners.
Claudio Cruz
May 29, 2024
Corelight
Enhance your search experience within Splunk by using the Corelight App
Download the Corelight App for Splunk and see how easy it is to get Corelight data into Splunk.
James Schweitzer
Oct 11, 2023
Network Security Monitoring
The best cybersecurity defense is great evidence
Federal CTO Jean Schaffer explores how evidence - not data - is critical to speed defenders’ knowledge and response capabilities.
Jean Schaffer
Jul 19, 2022
network detection response
Detecting Log4j exploits via Zeek when Java downloads Java
The blog covers a third log4j detection method, this one focused on the second-stage download that happens after the first stage completes.
Corelight Labs Team
Dec 18, 2021
network detection response
Detecting Log4j via Zeek & LDAP traffic
We recently discussed some methods for detecting the Log4j exploit, and we’ve developed another method that one running Zeek® or a Corelight sensor...
Corelight Labs Team
Dec 17, 2021
network detection response
Simplifying detection of Log4Shell
Simplify the detection of CVE-2021-44228 exploit (the log4j 0-day known as Log4Shell) with Corelight.
Corelight Labs Team
Dec 15, 2021
Network Security Monitoring
Maximize your Splunk ES investment with Corelight
Are you looking to threat hunt but lack sufficient network and IDS data? Maximize your Splunk ES investment with Corelight.
Roger Cheeks
Mar 17, 2021
MITRE ATT&CK
Translating query into action
Sigma is an open-source project that provides a generic signature format for SIEMs. Here are the benefits of Sigma, and how to get these threat...
Vince Stoffer
Mar 15, 2021
Zeek
Finding SUNBURST backdoor with Zeek logs & Corelight
FireEye’s threat research team has discovered a troubling new supply chain attack targeting SolarWind’s Orion IT monitoring and management platform.
John Gamble
Dec 15, 2020