Here are five lessons that me and my NOC teammates learned over the course of our week together at Black Hat NOC USA 2023.
Download the Corelight App for Splunk and see how easy it is to get Corelight data into Splunk.
Learn how Corelight’s Open NDR products and platforms help SOC teams identify ransomware blast radius.
Learn how the kill web concept can be applied to cybersecurity, and how it addresses some of the concerns with the kill chain.
Take a look at an incident we detected, investigated, triaged, and closed using Corelight at Black Hat Las Vegas 2023.
This article proposes ways that modern network-derived evidence applies to the kill chain.
I ran into a sample of the Gozi banking malware in the wild. This is how I developed an open source detection package to find it with Zeek.
Learn about detections and findings from the network operations center (NOC) at Black Hat Asia 2023.
Learn how to leverage Corelight evidence to detect and analyze activity related to Storm-0558.