By Vijit Nair, Sr. Director, Product Management, Corelight Comprehensive visibility is challenging in a cloud environment. While these environments are rich sources of telemetry and logs, it is challenging for security teams to ensure that logging ... Read more »
Zeek
Getting the most out of your NIDS
By Jon Natkins, Product Manager, Corelight Network Intrusion Detection Systems (NIDS) are widely deployed by the most sophisticated blue teams in the world. For well-funded organizations, there is little question about the value of NIDS, but ... Read more »
Detecting SUNBURST/Solarigate activity in retrospect with Zeek – a practical example
Ben Reardon - Corelight Labs Researcher The threat actors who created SUNBURST went to extraordinary lengths to hide Command-and-Control (C2) traffic by mimicking the nature of communication patterns used by legitimate software within the ... Read more »
Finding SUNBURST backdoor with Zeek logs & Corelight
John Gamble, Director of Product Marketing, Corelight ------------------------------------------- UPDATE 12-16-20: Corelight Resources WEBCAST RECORDING - Finding SolarWinds backdoors with Zeek, Suricata & Corelight - watch hereWEBCAST ... Read more »
Introducing the Cloud Sensor for GCP
By Vijit Nair, Sr. Director, Product Management, Corelight Visibility is paramount in securing your cloud environment - as the adage goes, you cannot protect what you do not see. However, comprehensive visibility in an IaaS (infrastructure as a ... Read more »