What do I say if my team discovers a breach of our digital assets? This is a question that requires understanding “defensible disclosure.”
This blog post discusses Zeek detection packages for CVE-2022-24491 and CVE-2022-24497 developed by Corelight Labs.
Sniffing and mirroring network traffic from containers can be complicated. This post explores one approach to achieve this by injecting a sniffer...
Our new collaboration with CrowdStrike and Humio allows our customers and the community to experience the value of evidence.
This post explores the need, different approaches and pros and cons of monitor traffic in Kubernetes environments.
The most sophisticated cyber defense teams in the world have shifted their strategies towards the collection and analysis of high-quality evidence.
Corelight just shipped our latest software release (v24) which includes a brand new addition to our Encrypted Traffic Collection: VPN Insights.
Prioritizing alerts just got a little easier for SOC teams with Corelight's integration with Tenable.
A growing number of defenders use two SIEMs. This post explores why and whether XDR platforms will evolve to to become full threat hunting solutions.