Expanded Suricata detections with Dtection.io

One of the most common questions that Corelight customers and prospects who are using our Suricata integration ask is “what signatures should I run?” While our answer has always started with the industry-standard Emerging Threats Pro feed, we recognize that other feeds - like the ones from CrowdStrike or private industry groups - often make excellent additions to the ET Pro set.

Microsoft + Corelight partner to stop IoT attacks

When you hear the term “Internet of Things” (IoT), do you picture home devices like lightbulbs, smart assistants, and Wi-Fi-connected refrigerators? Perhaps you think of enterprise devices like video conferencing systems, smart sensors, or security cameras? Or maybe traditional office equipment like VoIP phones, printers, and smart TVs comes to mind. No matter what devices you imagine, IoT represents an ever-expanding attack surface.

Featured Post

XDR marketing is fueling the cybersecurity problem for businesses

If there is one positive we can take from the last sixteen months, it is businesses embracing a more flexible working culture for their employees. Fundamental changes to the traditional nine-to-five working day mean that many companies have, in part, already successfully transformed some of their operations to meet the demands of a new hybrid working world that is now very much the norm.

OT Security: Risks, Challenges and Securing your Environment

Before the revolution of Information Technology (IT), the world experienced the revolution of Operational Technology (OT). Operational Technology is the combination of hardware and software that controls and operates the physical mechanisms of industry. OT systems play an important role in the water, manufacturing, power, and distribution systems that transformed industry into the modern age. All of these systems function to operate, automate, and manage industrial machines.

The Callback is Coming From Inside the House

This bone-chilling webinar will cover: A spine-tingling hands-on-keyboard scenario of a motivated and capable insider threat working with the ghoulish adversary. Use of realistic and terrifying exploits and offensive security tools to simulate adversary TTPs, and how organizations are able to hunt for them. A practical threat hunting session demonstrating true behavioral hunting that walks participants through not only how the attack was carried out, but also how they can hunt for this insidious behavior in their own environments.

Code similarity analysis with r2diaphora

Binary diffing, a technique for comparing binaries, can be a powerful tool to facilitate malware analysis and perform malware family attribution. This blog post describes how AT&T Alien Labs is leveraging binary diffing and code analysis to reduce reverse-engineering time and generate threat intelligence.

High(er) Fidelity Software Supply Chain Attack Detection

Over the last year, many of us have been introduced to the term “Software Supply Chain”. For better or worse, it is now part of our defense vernacular and won’t be going away any time soon. If anything, it has consumed us in many ways and has been the cause of many nights of lost sleep. Well, that could just be us on the SURGe team here at Splunk.

Detect & Resolve Threats with Real-Time Salesforce Events and Splunk

Salesforce Event Monitoring exposes dozens of logs plus unique enriched and ML-generated real-time events. Learn how Splunk helps you get deep visibility across multiple Salesforce organizations and beyond to flag anomalies, protect against internal and external threats, and prevent accidental data loss. Drill into risky LoginAs behavior and pinpoint user permission changes including over-privileged users. Finally, see how a Salesforce Security team can recognize and respond to a credential stuffing attack... all without leaving Slack!

Introducing AT&T Managed Extended Detection and Response (XDR)

In today’s dynamic threat landscape, having different tools to meet unique security requirements helps keep data protected. However, businesses today have 10 to 50+ security tools and consequently spend too much time managing them instead of protecting against cybercrime. This security tool overload creates internal challenges and potentially distracts from the primary business mission.