
Encrypted Traffic Collection

Working with encrypted traffic is a common task in the SOC, and one that many people assume network monitoring solutions can do nothing about. The reality is less cut and dried than you might think. Corelight with Zeek can parse details of the certificate handshake and the SSL connection itself, exposing the cipher suite and elliptic curve in use, which is valuable for detecting vulnerabilities like CurveBall. Learn more about Corelight's encrypted traffic collection in this brief two-minute video.

OT security and its implications for wider IT environments

Poor Operational Technology (OT) security can lead to serious IT data breaches. Learn from experts at Splunk, Corelight, and ClearShark about the risks unsecured OT systems pose to IT networks, and how visibility into network traffic enables accurate alerting on malicious behavior. You'll learn the key differences between OT and IT networks, about Corelight's ability to understand and enrich OT protocols, and the value of Zeek wire data for both IT and OT security.

Accelerate SecOps with a Single Source of Network Truth

Network evidence is vital for defense, but collecting it can be overly complicated and can result in incomplete data that is difficult to use. By transforming VPC and on-premises traffic into Zeek logs and Suricata alerts, you can accelerate threat hunting and incident response workflows in security analytics tools such as Chronicle and VirusTotal.

Collecting and operationalizing threat data from the Mozi botnet

Detecting and preventing malicious activity such as botnet attacks is a critical area of focus for threat intel analysts, security operators, and threat hunters. Taking the Mozi botnet as a case study, this blog post demonstrates how to use open source tools, analytical processes, and the Elastic Stack to analyze and enrich collected data, irrespective of the campaign.

Falcon X Recon

Does the dark web hold security secrets about your organization? Falcon X Recon collects and monitors activity from millions of restricted web pages, criminal forums and encrypted messaging platforms — the hidden recesses of the internet where criminal actors congregate and underground digital economies thrive. It empowers security teams to conduct investigations in real time, so they can proactively uncover fraud, data breaches, phishing campaigns and other online threats that target their organization.