          Archives for Mar 2021

          Maximize your Splunk ES investment with Corelight

          Are you looking to threat hunt but lack sufficient network and IDS data? Have you tried to accelerate your incident response process with better data, but run into dead ends that require data scientists or significant data model modification? Maybe... Read more »

          Exchange exploitation and architecting for visibility

          The new Microsoft Exchange vulnerabilities disclosed earlier this month highlight the importance of architecting for security visibility on the network. Read more »

          Translating query into action

          One of the most important aspects of threat hunting is having a place to start. A question, a theory, or a hunch often begins the hunt. Where you end up may not be where you first intended, but a good hunt will always reveal new information about... Read more »

          Getting the most out of your NIDS

          Network Intrusion Detection Systems (NIDS) are widely deployed by the most sophisticated blue teams in the world. For well-funded organizations, there is little question about the value of NIDS, but adoption is not uniform across the entire... Read more »
