Splunk

Introducing the Cloud Sensor for GCP

Introducing the Cloud Sensor for GCP

| | Announcements, aws, google, Google GCP, Google Kubernetes, IaaS, json, Kafka, Microsoft Azure, MTU, Product, SIEM, SOC, Splunk, Suricata, syslog, TAPs, TCP, Terraform, vpc, Zeek
By Vijit Nair, Sr. Director, Product Management, Corelight Visibility is paramount in securing your cloud environment – as the adage goes, you cannot protect what you do not see. However, comprehensive visibility ...
Bright Ideas Blog
Raspberry Pi sensors for home networks

Who’s your fridge talking to at night?

| | Announcements, Corelight@Home, COVID-19, Elastic, home networks, Humio, Industry, json, Kafka, Linux, NDR, network security monitoring, open source, Raspberry Pi, redis, SANS, Seth Hall, Splunk, Suricata, syslog, TCP, Zeek
By Gary Fisk, Sales Engineer, Corelight I love origin stories – the tales of grand plans, unforeseen circumstances, and necessity that creates something new. These strange times have resulted in something new ...
Bright Ideas Blog
Small, fast and easy. Pick any three.

Small, fast and easy. Pick any three.

| | AArch64, Announcements, Corelight, encrypted traffic collection, encryption, json, Kafka, Linux, Product, Raspberry Pi, software, Splunk, ssl, Suricata, TCP, TLS, vm, Zeek, ZeekWeek
By Seth Hall, Co-Founder & Chief Evangelist, Corelight Zeek has been the darling of security defenders looking to get deep visibility into network traffic. Over the last two decades, Zeek has become ...
Bright Ideas Blog
11

Enhancing Visibility with Bitglass and Splunk

| | Access control, bitglass, CASB, Cloud Adoption, Cloud Data Protection, Cloud Security, Data management, SIEM, Splunk, visibility, working remotely
The complexity of organizations’ IT infrastructures is always increasing. Modern businesses are faced with cloud-based resources like software-as-a-service apps and infrastructure-as-a-service platforms, as well as personal devices, a diffuse remote workforce, IoT, ...
Bitglass Blog
Beating alert fatigue with integrated data

Beating alert fatigue with integrated data

| | cisco, dns, http, JA3, partnership, Phantom, Playbooks, ServiceNow, sha1, SIEM, Splunk, Suricata
By Alex Kirk, Corelight Global Principal for Suricata More than 15 years after Gartner declared that “IDS is dead” because it was too noisy to be effectively managed, alert fatigue continues to ...
Bright Ideas Blog

Detecting Zerologon (CVE-2020-1472) with Zeek

| | ciphertext, Corelight Labs, CVE-2020-1472, CVSS10, LateralMovement, Microsoft, Netlogon, Open Source Community, python, Secura, Sigma, Splunk, vulnerability, Windows Server, Zeek, ZeroLogon
By Yacin Nadji, Corelight Security Researcher CVE-2020-1472 aka Zerologon, disclosed by Tom Tervoort of Secura, is an illustrative case study of how a small implementation mistake in cryptographic routines cascades into a ...
Bright Ideas Blog
Meet the Corelight CTF tournament winners

Meet the Corelight CTF tournament winners

| | Announcements, Capture the Flag, Cobalt Strike C2, ctf, dns, Elastic, JA3, Open Source Community, pcap, Splunk, ssl.log, Zeek
By John Gamble, Director of Product Marketing, Corelight This summer, Corelight hosted a virtual CTF tournament where hundreds of players raced to solve security challenges using Zeek data in Splunk and Elastic ...
Bright Ideas Blog
A Day in the Life of a Splunk SearchDev Team Member

A Day in the Life of a Splunk SearchDev Team Member

| | Infosec Blog, Splunk, Workplace
Introduction The SearchDev (Search and Development) team makes Hurricane Labs unique. Our Splunk admin team and our SOC team should look familiar to most IT professionals; our admin team helps get your ...
Hurricane Labs

jSonar Introduces AI-Driven Sensitive Data Management (SDM) and Database Security Threat Prevention

| | jSonar, Splunk
Provides even tighter Splunk integration and expands database sources covered to over 60 databases Boston, MA/Vancouver, BC – July 15, 2020 – jSonar, the leader in modern database security, today announced major ...
Security Boulevard
Corelight Splunk App update: new dashboard and data

Corelight Splunk App update: new dashboard and data

| | Announcements, Community ID, Corelight Technical Add-on, ECS, EDR, encrypted traffic, ETC, HELK, MISP, NDR, osquery, partnership, SOC, Splunk, SSH, Suricata
By Roger Cheeks, US-East Sales Engineer, Corelight In support of Corelight’s latest software release, v19, we are pleased to launch our newest installment of the Corelight App for Splunk (Corelight App) and ...
Bright Ideas Blog
Load more