Corelight Investigator platform is engaged in attestation for GDPR to support customer threat hunting and incident response operations across Europe.
In this blog post, the Corelight Labs team shares some of the detection methods available for the Manjusaka C2 framework.
Corelight Labs reviewed a POC exploit for CVE-2022-30216 and wrote a Zeek-based detection and released the package on GitHub.
Federal CTO Jean Schaffer explores how evidence - not data - is critical to speed defenders’ knowledge and response capabilities.
Organizations often implement a data collection strategy out of fear, collecting everything “just in case.” I challenge the assumption.
We show how enriching Zeek® logs with cloud and container context makes it faster to tie interesting activity to the container or cloud asset...
In this post Corelight Labs reviewed a proof of concept exploit for this vulnerability and wrote a Zeek-based detection for it.
This post shows how a Microsoft NFS exploit (CVE-2022-26937) can be detected using Zeek.
This morning we announced Corelight Investigator, an open NDR platform that enables security teams with next-level evidence. Here is how it works.