CONTACT US
forrester wave report 2023

Forrester rates Corelight a strong performer

GET THE REPORT

ad-nav-crowdstrike

Corelight now powers CrowdStrike solutions and services

READ MORE

ad-images-nav_0013_IDS

Alerts, meet evidence.

LEARN MORE ABOUT OUR IDS SOLUTION

ad-images-nav_white-paper

5 Ways Corelight Data Helps Investigators Win

READ WHITE PAPER

glossary-icon

10 Considerations for Implementing an XDR Strategy

READ NOW

ad-images-nav_0006_Blog

Don't trust. Verify with evidence

READ BLOG

ad-nav-NDR-for-dummies

NDR for Dummies

GET THE WHITE PAPER

video

The Power of Open-Source Tools for Network Detection and Response

WATCH THE WEBCAST

ad-nav-ESG

The Evolving Role of NDR

DOWNLOAD THE REPORT

ad-images-nav_0006_Blog

Detecting 5 Current APTs without heavy lifting

READ BLOG

g2-medal-best-support-ndr-winter-2024

Network Detection and Response

SUPPORT OVERVIEW

 

Take the Corelight challenge: Splunk’s Boss of the SOC

Looking for some threat hunting and incident response practice that's more game than work? Check out the new Capture the Flag (CTF) challenges from Corelight, now available on Splunk’s Boss of the SOC (BOTS) website - just in time for .conf!

Our two on-demand BOTS modules will show you how Corelight data in Splunk can accelerate your processes and help analysts spend more time analyzing and less time fumbling with queries and gluing together data sources. You’ll pivot from Suricata alerts to Zeek® evidence, finding indicators of C2 beaconing, lateral movement, and data exfiltration along the way. Plus, you’ll see how valuable our HTTP, DNS, SSL, and x509 logs (and more) are for common incident response and threat hunting tasks.

We’ve designed the questions in these scenarios to lead you through typical analyst processes, making them interesting to current practitioners, while also approachable to folks who want to break into or advance in the security industry. Hints are available for many of the more challenging questions, but the exercise is designed so that most will be able to complete it within an 90 minutes to three hours. For help getting started, check out the “Intro to Corelight” video in the “Learn” section of the BOTS website.

If you’re ready for the challenge, head over to http://bots.splunk.com, sign in with a (free) Splunk account, and click on the Corelight logo to get started. 

Good luck and have fun!

by Ed Smith, Product Marketing Manager, Corelight

 

Recent Posts