Get Started

          Sunburst

          Smart PCAP and threat detection in the cloud

          Smart PCAP and threat detection in the cloud

          I am thrilled to publicly launch Corelight software version 22, which introduces a transformative new security product, Smart PCAP, and also enables threat detection in the cloud by extending Corelight’s Open NDR support for Suricata across... Read more »

          Detecting CVE-2021-31166 – HTTP vulnerability

          In this blog we aim to provide a little insight into part of the lifecycle of Corelight Lab’s response to a critical HTTP vulnerability. We’ve open-sourced many such responses over the last year (see Appendix A), and this one is a good demonstration... Read more »

          Extending NDR visibility in AWS IaaS

          Comprehensive visibility is challenging in a cloud environment. While these environments are rich sources of telemetry and logs, it is challenging for security teams to ensure that logging is configured (and stays configured) on every service, to... Read more »

          Detecting SUNBURST/Solarigate activity in retrospect with Zeek

          The threat actors who created SUNBURST went to extraordinary lengths to hide Command-and-Control (C2) traffic by mimicking the nature of communication patterns used by legitimate software within the SolarWinds package. Read more »

          Finding SUNBURST backdoor with Zeek logs & Corelight

          UPDATE 12-16-20: Corelight Resources Read more »

          Search

            Recent Posts