Despite its inherent flaws, today’s SIEM software solutions still shine when it comes to searching and investigating log data. One…
MixMode creates a generative baseline. Unlike the historically-based baselines provided by add-on NTA solutions, a generative baseline is predictive, real-time,…
Most SIEM vendors acknowledge the value of network traffic data for leading indicators of attacks, anomaly detection, and user behavior…
One of the most prevalent issues impacting the effectiveness of security teams who use SIEM as their primary means of…
Traditional security vendors offering solutions like SIEM (Security Information and Event Management) are overpromising on analytics while also requiring massive…
COVID-19 has caused most corporate businesses that remain open to shift to a work-from-home, remote workplace. Because of…
By Roger Cheeks, Solutions Engineer, Corelight. Corelight sensors put your organization in the best position to watch over DNS traffic…
How do I configure a firewall appliance in public IaaS? How do I install anti-virus inside a container? How do…
After many discussions and a bit of a re-write, our new paper “Applying Network-Centric Approaches for Threat Detection and Response”…
New research based on observed attack data over the second half of 2018 (2H 2018) reveals the command-and-control and lateral…