Corelight Bright Ideas Blog

Cybersecurity

The evidence bank: leveraging security's most valuable asset

Editor's note: This is the fourth in a series of Corelight blog posts focusing on evidence-based security strategy. Catch up on all of the posts here. Read more »

Don’t trust. Verify with evidence.

Editor's note: This is the first in a series of Corelight blog posts focusing on evidence-based security strategy. Catch up on all of the posts here. What matters most in a criminal trial? Evidence. Everything depends on the quality and depth of... Read more »

VPNs are increasingly common - how much can you see?

New VPN Insights package shines the light on a growing blindspot VPN tunnels are like shipping containers in that they are widely used (especially as the pandemic has moved more of the workforce to remote work), and they can be used to carry traffic... Read more »

Know your environment: Tenable/Corelight integration for prioritized IDS alerts

One of the major causes of alert fatigue for SOCs is a class of alerts that fall in between false positives and useful detections: when an actual attack has been launched, and the detection is working correctly, but the host on the receiving end is... Read more »

One SIEM is not enough?

The idea behind the SIEM (and now XDR!) technologies was to provide a single engine at the heart of the SOC, aggregating data, enabling analytics and powering workflow automation. The SIEM would act as one place to train analysts and integrate a... Read more »

Acting on CISA’s advice for detecting Russian cyberattacks

Given that active cyber warfare has broken out alongside Russia’s active invasion of Ukraine - from Russian wiper malware to Anonymous hacking Russian state TV - CISA’s recent “Shields Up” memo is a timely insight into some of the TTPs defenders of... Read more »

Government gets serious: deadlines for Zero Trust Architectures

Since the 1990s, the federal government has been issuing guidelines and recommendations for security via their 800-Series Special Publications. While some of those guidelines became mandates, things have largely inched forward, instead of making any... Read more »

Microsoft + Corelight partner to stop IoT attacks

Microsoft + Corelight partner to stop IoT attacks

When you hear the term “Internet of Things,” (IoT) do you picture home devices like lightbulbs, smart assistants, and wifi-connected refrigerators? Perhaps you think of enterprise devices like video conferencing systems, smart sensors, or security... Read more »

What’s next for the National Cyber Director?

As the first National Cyber Director begins to settle into office, private industry is very hopeful that this will be one of the turning points to solidify a true private/public partnership for raising the cybersecurity posture of the U.S. As I... Read more »

What the Cyber EO means for federal agencies

For those of us who have spent our careers working in cybersecurity, President Biden’s recent “Executive Order on Improving the Nation’s Cybersecurity,” (EO) held no surprises. However, it is a step toward accelerating the modernization of public... Read more »

Search

    Recent Posts