Detecting CVE-2022-23270 in PPTP
In this post Corelight Labs reviewed a proof of concept exploit for this vulnerability and wrote a Zeek-based detection for it.
This morning we announced Corelight Investigator, an open NDR platform that enables security teams with next-level evidence. Here is how it works.
What do I say if my team discovers a breach of our digital assets? This is a question that requires understanding “defensible disclosure.”
Sniffing and mirroring network traffic from containers can be complicated. This post explores one approach to achieve this by injecting a sniffer...
Our new collaboration with CrowdStrike and Humio allows our customers and the community to experience the value of evidence.
This post explores the need, different approaches and pros and cons of monitoring traffic in Kubernetes environments.
The most sophisticated cyber defense teams in the world have shifted their strategies towards the collection and analysis of high-quality evidence.
The blog covers a third Log4j detection method, this one focused on the second-stage download that happens after the first stage completes.
We recently discussed some methods for detecting the Log4j exploit, and we’ve developed another method that one running Zeek® or a Corelight sensor...