Corelight announces the release of a new detection package “Sliver”, which identifies and raises alerts related to the Sliver C2 framework.
The first in a 5-part blog series from Ed Amoroso of TAG Cyber, that examines the use of the Corelight platform in the context of the "everywhere...
Corelight Labs reviewed a POC exploit for CVE-2022-30216 and wrote a Zeek-based detection and released the package on GitHub.
Organizations often implement a data collection strategy out of fear, collecting everything “just in case.” I challenge the assumption.
In this post Corelight Labs reviewed a proof of concept exploit for this vulnerability and wrote a Zeek-based detection for it.
This morning we announced Corelight Investigator, an open NDR platform that enables security teams with next-level evidence. Here is how it works.
What do I say if my team discovers a breach of our digital assets? This is a question that requires understanding “defensible disclosure.”
Sniffing and mirroring network traffic from containers can be complicated. This post explores one approach to achieve this by injecting a sniffer...
Our new collaboration with CrowdStrike and Humio allows our customers and the community to experience the value of evidence.