Zeek
Detecting CVE-2022-30216: Windows Server Service Tampering
Corelight Labs reviewed a POC exploit for CVE-2022-30216 and wrote a Zeek-based detection and released the package on GitHub.
Featured
Modernize threat detection and SOC efficiency with integrated Corelight Threat Intelligence
Enhanced anomaly detection and east-west visibility improve evasive threat detection, reduce false positives, and help SOC teams focus on critical...