
          Alex Kirk

          Monitoring networks for Chinese State-Sponsored Cyber Operations

          The US federal government recently took an unprecedented step in the fight against cyber espionage, publishing detailed technical guidance on tactics and techniques used by Chinese state-sponsored actors.

          Exchange exploitation and architecting for visibility

          The new Microsoft Exchange vulnerabilities disclosed earlier this month highlight the importance of architecting for security visibility on the network.

          Beating alert fatigue with integrated data

          More than 15 years after Gartner declared that “IDS is dead” because it was too noisy to be effectively managed, alert fatigue continues to be a central theme of life in modern SOCs, with a majority of SOCs still unable to process all the alerts...

          Zeek & Sigma: Fully compatible for cross-SIEM detections

          Corelight recently teamed up with SOC Prime, creators of advanced cyber analytics platforms, to add support for the entire Zeek data set into Sigma, the only generic signature language that enables cross-SIEM detections from a single toolset....
