In my security research role at Corelight, I often have to go through large, complex data sets to detect subtle anomalies and threats. It reminds me of a famous quote by Abraham Lincoln:
Read more »
In the ever-evolving landscape of cybersecurity threats, staying ahead requires more than just threat detection; it demands comprehensive correlation and analysis for informed decision-making. Understanding the context surrounding an alert is...
Read more »
How quickly a year passes. 2023 was Corelight’s first year participating in the Black Hat Network Operations Center (NOC). It was a tremendous opportunity and responsibility in which we collaborated with teams from Cisco, Palo Alto Networks, Arista,...
Read more »
In this blog, we will demonstrate how Zeek’s metadata approach can help focus patching efforts related to the recent SSH “Terrapin” attack. One of the interesting aspects to bear in mind as you read this is that Zeek provides visibility of the...
Read more »
Securing a network against the myriad of evolving cyber threats requires more than just a robust firewall or endpoint protection platform; it demands a multifaceted approach. Corelight’s Open Network Detection and Response (NDR) Platform complements...
Read more »
In this second post of our threat hunting with Corelight and CrowdStrike blog series we dive into Persistence, which is one the many tactical categories outlined in the MITRE ATT&CK framework. In our previous blog, we reviewed some of the common...
Read more »
Over the last few years, the evolution of cybersecurity strategies has seen a significant shift toward a more layered, nuanced, and, in many cases, advanced approach. Among these advancements, Network Detection and Response (NDR) has emerged as a...
Read more »
In this blog, I’ll share a few NetOps observations of the Black Hat network that I made during my time serving in the Black Hat Network Operations Center (NOC). My hope in doing so is to spark some ideas on how you can use an existing tool like Zeek...
Read more »
At Corelight, we’re always striving to make the life of threat hunters and security analysts a little easier. It’s the reason we developed our Open NDR Platform that provides comprehensive, correlated network data and forensic evidence about...
Read more »
The explosion of interest in artificial intelligence (AI) and specifically large language models (LLMs) has recently taken the world by storm. The duality of the power and risks that this technology holds is especially pertinent to cybersecurity. On...
Read more »