Security | Threat Detection | Cyberattacks | DevSecOps | Compliance



Typo traps: analyzing traffic to (or is it

A typo is one of those common mistakes with unpredictable results when it comes to the Internet’s domain names (DNS). In this blog post we’re going to analyze traffic for, and see how a very simple human error ends up creating unintentional traffic on the Internet. Cloudflare has owned for a few years now, but don’t confuse it with!

cato networks

The Cato Journey - Bringing SASE Transformation to the Largest Enterprises

One of the observations I sometimes get from analysts, investors, and prospects is that Cato is a mid-market company. They imply that we are creating solutions that are simple and affordable, but don’t necessarily meet stringent requirements in scalability, availability, and functionality. Here is the bottom line: Cato is an enterprise software company.


Beyond the firewall: Navigating SaaS security challenges

In today's digital age, businesses have witnessed a profound shift in how they operate. Software-as-a-Service (SaaS) solutions have become the backbone of many organizations, offering flexibility and scalability. While firewalls remain an essential part of cybersecurity, securing your digital assets in the SaaS realm is a multifaceted challenge.


How Can Kill Webs Change Security Thinking?

In my previous article, I proposed ways that modern network-derived evidence applies to the cyber kill chain—a concept created by Eric Hutchins, Michael Cloppert, and Rohan Amin that changed how security teams approach defending their digital assets. This article focuses on an evolved, non-linear version of the kill chain called the “kill web.”


When Solving the XDR Puzzle, Focus on the Problems You Must Fix

If you’re confused about cybersecurity tools and product categories, join the club. Security market confusion is a major side effect of years of increasingly sophisticated security threats and vendor innovation designed to prevent and respond to them. Add to that the growing use of AI and machine learning by both attackers and defenders and you have what can look like a vendor free-for-all.

New Acquisition Powers AI-based Network Detection and Response and Open XDR Capabilities for WatchGuard

Once integrated into the WatchGuard Unified Security Platform architecture, the CyGlass technology will deliver AI- and ML-based detection of network anomalies and accelerate Open XDR capabilities.
cato networks

Cato: The Rise of the Next-Generation Networking and Security Platform

Today, we announced our largest funding round to date ($238M) at a new company valuation of over $3B. It’s a remarkable achievement that is indicative not only of Cato’s success but also of a broader change in enterprise infrastructure. We live in an era of digital transformation. Every business wants to be as agile, scalable, and resilient as AWS (Amazon Web Service) to gain a competitive edge, reduce costs and complexity, and delight its customers.


Black Hat NOC USA 2023: A tale of sharp needles in a stack of dull needles

During Black Hat 2023 in Las Vegas, our Corelight team worked effectively and speedily with our first-rate Black Hat NOC partners Arista, Cisco, Lumen, NetWitness and Palo Alto Networks. I was fortunate enough to be a member of the NOC team at the show, helping to defend the Black Hat network. In this blog, I’ll share my experience within the Network Operations Center (NOC) as well as an incident that we detected, investigated, triaged, and closed using Corelight’s Open NDR Platform.