Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Videos

Corelight Smart PCAP

Security teams can save up to 10x the packet retention period at 50% the cost compared to full packet capture! Sounds too good to be true, right? It’s not! With powerful, yet easy-to-use pcap levers we let security teams capture just the packets needed for investigations, and correlate them with our alerts and logs, and make packets 1-click retrievable. With Smart PCAP you get months, not days' worth of packet visibility.

Detectify developing API security testing with fuzzing

Yes the rumors are true, the teams at Detectify are working hard at researching and developing security testing for APIs. Senior security researchers, Tom Hudson and Fredrik Nordberg Almroth answer questions about API security. Just like web apps, APIs can’t be secured with rule-based automated scanners - they need context! That’s why we are developing our fuzzing engine to cover public-facing APIs and test them like a hacker would.

Brain Break from Fal.Con for Public Sector: Carbon Spider Threat Intel Highlight

Carbon Spider is a highly skilled criminal group that primarily targeted the hospitality and retail sectors in pursuit of payment card data. This interview with Nina Padavil, Strategic Threat Advisor, CrowdStrike, and Robert Bruno, Commercial Illustrator, will highlight Carbon Spider’s targets, tactics and motivations. You don't have a malware problem, you have an adversary problem – stay ahead of the adversaries and learn more at the Adversary Universe.

Are We Forever Doomed By Software Supply Chain Risks? Cyber Week Israel 2021, Liran Tal

The adoption of open-source software continues to grow and creates significant security concerns for everything from software supply chain attacks in language ecosystem registries to cloud-native application security concerns. In this session, we will explore how developers are targeted as a vehicle for malware distribution, how immensely we depend on open-source maintainers to release timely security fixes, and how the race to the cloud creates new security concerns for developers to cope with, as computing resources turn into infrastructure as code.

How to Spot C2 Traffic on Your Network

Attackers often hide their command and control (C2) activity using techniques like encryption, tunneling in noisy traffic like DNS, or domain generation algorithms to evade blacklists. Reliably spotting C2 traffic requires a comprehensive network security monitoring capability like open source Zeek that transforms packets into connection-linked protocol logs that let analysts make fast sense of traffic. Corelight’s commercial NDR solutions generate this Zeek network evidence and also provide dozens of proprietary C2 insights and detections.

A SANS 2021 Report Top New Attacks and Threat Report

In the SANS 2021 Top New Attacks and Threat Report, John Pescatore provides insight into the threats highlighted during the SANS panel discussion at the 2021 RSA Conference. This webcast will include practical advice from the paper, including insights from SANS instructors Ed Skoudis, Heather Mahalik, Johannes Ullrich, and Katie Nickels on the critical skills, processes and controls needed to protect their enterprises from these advanced attacks.