Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Unmanaged endpoints, vendor security appliances, cloud instances, and IoT devices often lack endpoint protection, creating hiding places that attackers exploit. Using Humio to correlate Falcon endpoint data with Corelight network evidence improves detection capabilities for all of your devices, and makes investigators and hunters faster.

As one of the hottest new buzzwords in the infosec space, XDR means many things to many people. This talk will discuss all of the possible components of an XDR solution through the lens of SOC operations, laying out the pros and cons of various approaches such as SaaS vs on-premise, specialized vs general tooling, etc. for organizations of different size, funding, and maturity levels. Best practice suggestions will be provided throughout, from general principles to specific integration code.

XDR - Extended detection and response - promises to integrate data from any source to stop today's sophisticated and often automated attacks. The key is: Which source? Register for this exclusive session for insights on why network evidence must be a key part of your XDR strategy. Topics to be discussed include how to: Walk away with new ideas on how to stay ahead of ever-changing attacks by using a data-first strategy for detection and response.

The state of cloud security is evolving. Many organizations are implementing new and more advanced cloud security services that offer cloud-focused controls and capabilities, including services and tools that provide network connectivity and security for end users and office locations, security monitoring and policy controls, and identity services, among others.

With the threat of Russian cyberattacks on the rise, it’s essential for defenders of critical infrastructure to pressure test their cyber defense capabilities. In this webcast, Corelight's Alex Kirk reviews the specific techniques, tactics, and procedures that defenders should monitor in order to identify and disrupt attacks in their environment. Alex has a long and storied career as a cybersecurity professional, including a recent volunteer engagement training Ukrainian cyberdefenders this past fall.

The years 2020 and 2021 were undoubtedly the years of ransomware. Threat actors wasted no time taking advantage of the chaos caused by the COVID-19 pandemic, launching attacks that netted millions (if not billions) of dollars in extortion fees and leaked a record amount of data from victim organizations. On this webcast, we will look at how ransomware defenses have changed from 2020 through 2022. The webcast will also explore ransomware threat actor changes, current trends, and how to implement defenses against those trends.

Attackers have already found thousands of potential ways to obfuscate their log4j attacks, which are sweeping the Internet at breakneck speed. SOCs protecting still-vulnerable assets have a duty to chase down every alert for it that pops up - which are coming in at a rate of tens or hundreds of thousands of times a day for larger enterprises. This webcast will covers how a data-driven strategy can automate that insurmountable task into a process that quickly reveals systems that actually responded to the attack - letting teams focus on the alerts that matter the most.

An advanced adversary has bypassed the perimeter defenses, moved inside the environment, and become a literal ghost in the machine, free to move from system to system.... searching for its next target. This is a scenario that every SOC fears, and it presents a daunting threat hunting challenge. But, as we will demonstrate, it doesn't have to.

New Age Network Detection: Keeping pace with the Evolution of Tech Infrastructure New approaches to network detection and response to address increasing attacker sophistication and cloud-based resources. How advances in analytics help organizations detect attacks in encrypted traffic and identify command and control traffic. The advantage of an open data approach is to integrate with existing detection capabilities.

XDR is new to the marketplace, and there remains confusion about what it is - and is not. Alex Kirk of Corelight likes to dispel the myth that it's about endpoint security. "You've got to have the N," he says - network technology. In this interview, he dispels myths and expounds on possibilities. In this video interview with Information Security Media Group, Kirk discusses.