The Evidence: September 2024

Have you heard?


The Corelight “Splunk App” builds on our native integration with Splunk’s platform and helps simplify SOC workflows and investigations while reducing dwell time, mean time to respond (MTTR) and operational costs. Attend this webinar to see a demo and learn from Splunkers and SIEM experts how the app’s intuitive dashboards quickly unpack details of hybrid and multicloud network activity.


[Webinar] Level up your NDR: Real-time threat detection for hybrid networks with packet visibility

Hybrid cloud environments are changing rapidly and experiencing increasingly sophisticated cyber attacks. As data traverses on-prem networks and virtual/public cloud environments, comprehensive visibility into packet-level activities becomes paramount for identifying and mitigating potential security threats. Learn how packet visibility can drive your NDR solution and inform a robust threat detection strategy.


[Webinar] Strengthen network defense against covert exploits

Attackers are shifting their tactics to target the network periphery, where traditional endpoint detection and response (EDR) sensors may not be deployed or supported. These covert exploits can bypass conventional defenses like legacy intrusion detection systems (IDS) and enable lateral movement. In this webinar, CrowdStrike and Corelight explain recent trends in these exploitation tactics, the challenge of securing the network periphery and effective strategies for enhancing visibility and defense.


[Webinar] Re-think network security with cloud transformation

Network architects are adapting their strategies to combat the unique challenges in cloud environments that have upended traditional security approaches. In this webinar, we’ll explore limitations of existing preventative controls and the need for enhanced visibility, robust threat detection, and elastic scaling. We’ll conclude with a compelling case study that explains how open network detection and response (NDR) can enhance multi-cloud security.


Detecting abuse of NetSupport Manager

In this month’s threat hunt, we highlight effective methods for detecting the malicious use of NetSupport Manager, leveraging clear-text HTTP traffic and the CMD=ENCD command as indicators. We also demonstrate how simple it is to implement this detection using a Zeek signature and how defenders can quickly identify and respond to potential threats.


Corelight’s CEO: What CISA's advisories really mean for defenders

In this Risky Business News sponsored interview, Tom Uren talks to our CEO Brian Dye about a string of recent CISA advisories. Brian dives beneath their highlighted technical issues to extract a unifying message—and warning—about how we must adopt a holistic approach to security based on timelines, tactics and data analysis to counter emerging threats.


Unparalleled visibility and threat detection for SSE environments

With the rapid adoption of Secure Access Service Edge (SASE) and Security Service Edge (SSE) solutions, maintaining comprehensive visibility becomes even more critical. Learn how the Corelight-Netskope integration empowers organizations to eliminate blind spots, accelerate time to case resolution, reduce dwell time and defend against advanced threats.


Stronger security with Corelight and Mandiant Managed Defense

Last week, Mandiant Managed Defense unveiled support for Corelight Open NDR, a move that strengthens our existing relationship and integration across the Google Cloud Security portfolio. By combining our expertise in network evidence with Mandiant's Managed Defense, we are uniquely positioned to help organizations bolster their defenses against the most sophisticated cyber threats.


Corelight Open NDR achieves VMware Ready for Telco Cloud infrastructure certification

In the next step towards comprehensive cloud security, our Open NDR platform now includes VMware Ready for Telco Cloud infrastructure (TCI) certification and is now active in the VMware Marketplace. Developed to expedite the process of integrating new certified virtual network functions (VNFs) and containerized network functions (CNFs) into communications service provider (CSP) and large enterprise networks, the VMware Ready for Telco Cloud Program supports cloud native functions and multi-cloud automation and orchestration to accelerate modernization efforts.


Want better network visibility? Don't just go with the (net)flow

The Black Hat network operations center (NOC) must build, harden and tear down an enterprise-grade network in just a few days. Monitoring and incident response in these conditions requires rich data to fuel best-in-class technologies. Learn how Corelight’s NOC veterans dig deeper into Netflow, firewall logs and other network information and use innovative threat hunting techniques to keep the conference up and running.


Carrefour enhances cybersecurity with Corelight

Carrefour, one of the world’s largest retail groups, faced the daunting challenge of securing its expansive network infrastructure against increasingly sophisticated cyber threats. Corelight's network detection and response solution emerged as the ideal choice. See how our capabilities strengthened Carrefour's defense while ensuring a secure environment for its customers and business operations.

