Ben Reardon - Corelight Labs Researcher
The threat actors who created SUNBURST went to extraordinary lengths to hide Command-and-Control (C2) traffic by mimicking the nature of communication patterns used by legitimate software within the ...
dfir
What did I just see? Detection, inference, and identification
By Richard Bejtlich, Principal Security Strategist, Corelight
In the course of my network security monitoring work at Corelight, I’ve encountered the terms detection, inference, and identification. In this post I will examine what these ...