Corelight Federal CTO Jean Schaffer on how validating what asset management and vulnerability detection practices are producing is vital for BOD...
Corelight Investigator platform is engaged in attestation for GDPR to support customer threat hunting and incident response operations across Europe.
Corelight Labs reviewed a POC exploit for CVE-2022-30216 and wrote a Zeek-based detection and released the package on GitHub.
Organizations often implement a data collection strategy out of fear, collecting everything “just in case.” I challenge the assumption.
We show how enriching Zeek® logs with cloud and container context makes it faster to tie interesting activity to the container or cloud asset...
In this post Corelight Labs reviewed a proof of concept exploit for this vulnerability and wrote a Zeek-based detection for it.
This post shows how a Microsoft NFS exploit (CVE-2022-26937) can be detected using Zeek.
This morning we announced Corelight Investigator, an open NDR platform that enables security teams with next-level evidence. Here is how it works.
In this post, we share simple ways to detect evidence of CVE-2022-22954 in Zeek logs, which can be adapted to other data stores (e.g., a SIEM).