Zeek
Detecting CVE-2022-23270 in PPTP
In this post Corelight Labs reviewed a proof of concept exploit for this vulnerability and wrote a Zeek-based detection for it.
Featured
Identity in the SOC: Why network visibility still matters in the age of the identity perimeter
Network visibility is your ground truth in the age of the identity perimeter. See how Corelight integrates with Entra ID and CrowdStrike.