Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Episode 11 - The AI Maturity Journey: Data, Agents, and the Shift from Craft to Art

Richard Bejtlich talks with Vijit Nair, VP of Product at Corelight, about the evolving "AI Maturity Journey" for modern security teams. Vijit outlines a three-level spectrum of AI adoption, moving from basic human-driven assistance to automated swarms of agents, and eventually toward fully autonomous systems. They discuss why high-quality, unopinionated data remains the essential foundation for building trust in AI and how technologies like the Model Context Protocol (MCP) are turning human language into the primary interface for tool integration.

Cybersecurity for Education - Sophos Protected Classroom

Cybercriminals are targeting schools more than ever, drawn by sensitive student and staff data and the chance to disrupt learning. For educators already managing tight budgets and growing digital demands, a single breach can mean days of downtime and lasting reputational damage. Criminals are increasingly attracted by the valuable and sensitive information education establishments hold, and the opportunity to extort payments using ransomware or the threat of breach exposure.

Sophos Firewall ranked the #1 overall firewall solution in G2's Spring 2026 reports

Why organizations are choosing Sophos Firewall to reduce exposure and strengthen resilience. When organizations evaluate security products, they want real-world proof of reliability, protection, and ease of management.

Corelight Agentic Triage demo

Corelight is excited to introduce Agentic Triage! In this demo, you can see how Agentic Triage helps SOC analysts filter through alerts and respond quickly to active threats. We combine generative AI with our industry-leading log framework to identify the detections and cases that truly matter. This video shows how you can use Agentic Triage to quickly perform deep dives into open detections and make confident decisions to secure your network.

Corelight Agentic Triage overview

Corelight is excited to introduce Agentic Triage! In this demo, you can see how Agentic Triage helps SOC analysts filter through alerts and respond quickly to active threats. We combine generative AI with our industry-leading log framework to identify the detections and cases that truly matter. This video shows how you can use Agentic Triage to quickly perform deep dives into open detections and make confident decisions to secure your network.

NICKEL ALLEY strategy: Fake it 'til you make it

Counter Threat Unit (CTU) researchers continue to investigate trends in Contagious Interview campaign activity conducted by NICKEL ALLEY, a threat group operating on behalf of the North Korean government. The group notoriously targets professionals in the technology sector by advertising fake job opportunities, deceiving prospective candidates through a fake job interview process, and ultimately delivering malware.

Oracle vulnerability (CVE-2026-21992) impacts core products

On March 20, 2026, Oracle disclosed a critical (CVSS score of 9.8) vulnerability (CVE-2026-21992) impacting two Oracle Fusion Middleware components: Oracle Identity Manager and Oracle Web Services Manager. An unauthenticated attacker could exploit the vulnerability to obtain network access via HTTP and remotely execute code. Critical functions of the products are exposed due to the lack of network-level authentication. As of this publication, there are no reports of active exploitation.

The global CISO landscape: A leadership gap too large to ignore

Why the world needs scalable security leadership — and MSPs and MSSPs are key to delivery. The 2026 CISO Report, published by Cybersecurity Ventures in partnership with Sophos, highlights a critical imbalance in global cybersecurity leadership. Despite decades of progress and near-universal CISO adoption in Fortune 500 and Global 2000 organizations, there are still only 35,000 CISOs worldwide serving an estimated 359 million businesses.

Fueling Cisco XDR with Corelight high-fidelity network evidence

From hunting threats to solving complex problems to coding on a couch, adventures in the Black Hat NOC (Network Operations Center) are always interesting. Over the last few months and several shows, I’ve had the privilege of working with one of the other NOC partners, Cisco, to design and test our first integration between Corelight Investigator and Cisco XDR.

From alerts to entities: Transforming the SOC with Corelight Agentic Triage

The cybersecurity landscape has fundamentally shifted in the last several years. Adversaries are no longer just using AI to draft phishing emails; they're deploying autonomous AI agents capable of executing end-to-end attack chains, from initial reconnaissance through lateral movement and data exfiltration. Anthropic's analysis of recent incidents indicates a rapid acceleration in attacker adoption of agentic workflows, dramatically shortening the time between initial access and impact.