April 2022

Unify endpoint and network evidence

Apr 29, 2022 By Corelight In Corelight

Unmanaged endpoints, vendor security appliances, cloud instances, and IoT devices often lack endpoint protection, creating hiding places that attackers exploit. Using Humio to correlate Falcon endpoint data with Corelight network evidence improves detection capabilities for all of your devices, and makes investigators and hunters faster.

View Video

Corelight

Read more about Unify endpoint and network evidence

What does XDR mean for your organization?

Apr 29, 2022 By Corelight In Corelight

As one of the hottest new buzzwords in the infosec space, XDR means many things to many people. This talk will discuss all of the possible components of an XDR solution through the lens of SOC operations, laying out the pros and cons of various approaches such as SaaS vs on-premise, specialized vs general tooling, etc. for organizations of different size, funding, and maturity levels. Best practice suggestions will be provided throughout, from general principles to specific integration code.

View Video

Corelight

Read more about What does XDR mean for your organization?

Sidecars for network monitoring

Apr 21, 2022 By Al Smith In Corelight

Monitoring container traffic and extracting rich security-centric metadata provides SOC analysts an inviolable source of truth for threat detection and incident investigation. This data complements the deep visibility provided by container agents and broad visibility through monitoring audit logs.

Read Post

Corelight

Read more about Sidecars for network monitoring

Detecting Windows NFS Portmap vulnerabilities

Apr 21, 2022 By Corelight Labs Team In Corelight

This month, Microsoft announced two vulnerabilities in portmap, which is part of ONC RPC, on Windows systems. This blog will discuss Zeek detection packages for CVE-2022-24491 and CVE-2022-24497 developed by Corelight Labs.

Read Post

Corelight

Read more about Detecting Windows NFS Portmap vulnerabilities

Network Evidence For XDR

Apr 20, 2022 By Corelight In Corelight

XDR - Extended detection and response - promises to integrate data from any source to stop today's sophisticated and often automated attacks. The key is: Which source? Register for this exclusive session for insights on why network evidence must be a key part of your XDR strategy. Topics to be discussed include how to: Walk away with new ideas on how to stay ahead of ever-changing attacks by using a data-first strategy for detection and response.

View Video

Corelight

Read more about Network Evidence For XDR

Explore Corelight evidence in Humio Community Edition

Apr 19, 2022 By Ed Smith In Corelight

Now available: A free and easy way to learn about Humio and Corelight. As part of our alliance partnership with CrowdStrike and Humio, Corelight is excited to announce a new collaboration that allows our customers and the community to experience the value of evidence.

Read Post

Corelight

Read more about Explore Corelight evidence in Humio Community Edition

Deeper visibility into Kubernetes environments with network monitoring

Apr 12, 2022 By Vijit Nair In Corelight

Network monitoring solutions can overcome the security visibility blind spots in Kubernetes environments, by providing a source of truth for SOC analysts. Container security solutions broadly span the spectrum of (a) prevention - securing the container image and ensuring the right policies are in place during runtime and (b) detection - monitoring runtime events for threat detection and investigation.

Read Post

Corelight

Read more about Deeper visibility into Kubernetes environments with network monitoring

Don't trust. Verify with evidence.

Apr 7, 2022 By Brian Dye In Corelight

What matters most in a criminal trial? Evidence. Everything depends on the quality and depth of facts deployed to build a case for innocence or guilt. Without compelling evidence, no jury can draw accurate conclusions.

Read Post

Corelight

Read more about Don't trust. Verify with evidence.

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

April 2022

Unify endpoint and network evidence

What does XDR mean for your organization?

Sidecars for network monitoring

Detecting Windows NFS Portmap vulnerabilities

Network Evidence For XDR

Explore Corelight evidence in Humio Community Edition

Deeper visibility into Kubernetes environments with network monitoring

Don't trust. Verify with evidence.

Monthly Archive

Follow Us