Zeek
Detecting CVE-2022-30216: Windows Server Service Tampering
Corelight Labs reviewed a POC exploit for CVE-2022-30216 and wrote a Zeek-based detection and released the package on GitHub.
Featured
Fueling Cisco XDR with Corelight high-fidelity network evidence
Learn how to integrate Corelight Investigator directly into Cisco XDR to enrich your SOC investigations with high-fidelity network evidence.