Corelight Bright Ideas Blog: NDR & Threat Hunting Blog

Detecting Windows NFS Portmap vulnerabilities

By Corelight Labs Team – April 21, 2022

This month, Microsoft announced two vulnerabilities in portmap, which is part of ONC RPC, on Windows systems. This blog will discuss Zeek detection packages for CVE-2022-24491 and CVE-2022-24497 developed by Corelight Labs. Read more »

Sidecars for network monitoring

By Al Smith – April 21, 2022

Editor’s note: This is the second in a series of posts we have planned over the next several weeks where we explore topics such as network monitoring in Kubernetes, using sidecars to sniff and tunnel traffic, show a real-world example of detecting... Read more »

Explore Corelight evidence in Humio Community Edition

By Ed Smith – April 19, 2022

Now available: A free and easy way to learn about Humio and Corelight. Read more »

Deeper visibility into Kubernetes environments with network monitoring

By Vijit Nair – April 12, 2022

Editor’s note: This is the first in a series of posts we have planned over the next several weeks. We will explore topics such as network monitoring in Kubernetes, using sidecars to sniff and tunnel traffic, show a real-world example of detecting... Read more »

Don’t trust. Verify with evidence.

By Brian Dye – April 7, 2022

Editor's note: This is the first in a series of Corelight blog posts focusing on evidence-based security strategy. Catch up on all of the posts here. What matters most in a criminal trial? Evidence. Everything depends on the quality and depth of... Read more »