Hunting GTPDOOR: The case of the "Black Hat Positive"
Recapping our learnings from the Black Hat NOC, using packet captures and Zeek scripting to decode threat payloads.
Recapping our learnings from the Network Operations Center (NOC) at Black Hat USA 2024. Using historical network logs to detect threats during the...
Learn how Zeek’s metadata approach can help focus patching efforts for the SSH “Terrapin” attack.
Learn how the kill web concept can be applied to cybersecurity, and how it addresses some of the concerns with the kill chain.
Take a look at an incident we detected, investigated, triaged, and closed using Corelight at Black Hat Las Vegas 2023.
Researchers at wiz.io found vulnerabilities in Windows OMI; Corelight has open-sourced a Zeek package for the most severe of these vulnerabilities.
In this blog we aim to provide a little insight into part of the lifecycle of Corelight Labs' response to a critical HTTP vulnerability.
A very interesting Linux-based command-and-control (C2) malware was described by the research team at Intezer. Here are a few points about this...
Learn how you can use Zeek to detect this kind of cunning evasion tactic in your own retrospective hunts and forensic investigations.