Detecting 5 current APTs without heavy lifting
Corelight Labs looks at three APT toolsets that have been linked to five threat actors, detecting each using relatively simple search logic.
Dr. Kelley Misata shares her thoughts on why she is excited to join Corelight to lead open source and the new opportunities this role will bring.
Corelight Federal CTO Jean Schaffer on how validating what asset management and vulnerability detection practices are producing is vital for BOD...
Corelight Investigator platform is engaged in attestation for GDPR to support customer threat hunting and incident response operations across Europe.
In this blog post, the Corelight Labs team shares some of the detection methods available for the Manjusaka C2 framework.
Corelight Labs reviewed a POC exploit for CVE-2022-30216 and wrote a Zeek-based detection and released the package on GitHub.
Federal CTO Jean Schaffer explores how evidence - not data - is critical to speed defenders’ knowledge and response capabilities.
Organizations often implement a data collection strategy out of fear, collecting everything “just in case.” I challenge the assumption.
We show how enriching Zeek® logs with cloud and container context makes it faster to tie interesting activity to the container or cloud asset...