Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Imagine you're responsible for the security of a bustling network, constantly under threat from bad actors looking to exploit any vulnerability. How do you keep up? Enter Snort, a powerful open-source tool that acts as your network’s watchdog, scanning for potential threats and alerting you when something seems off. In this guide, we'll break down how Snort works, focusing on the critical rules that make this tool effective at protecting your network.

The Cato CTRL and Cato Application Security Research teams recently discovered CVE-2023-49559, a directive overload Denial of Service (DoS) vulnerability in the gqlparser library, which is a crucial component in the development and running of GraphQL applications. The vulnerability is of medium severity (CVSS score of 5.3). The gqlparser library is an integrated component of the gqlgen Golang GraphQL server, widely used in web applications to handle GraphQL queries.

At Corelight, we’re thrilled when a respected cybersecurity leader like Mandiant introduces a new offering based on our solution. This week, Mandiant Managed Defense unveiled support for Corelight Open NDR, a move that strengthens our existing relationship and integration across the Google Cloud Security portfolio.

Many people are turning to personal VPNs in order to avoid increasing restrictions and oversight over online browsing, but these VPNs can represent risks to personal and corporate cybersecurity.

Accelerate Your Hybrid Cloud Security with Corelight Open NDR, now in the VMware Marketplace Corelight’s Open NDR platform has achieved VMware Ready for Telco Cloud Infrastructure (TCI) certification and is now active in the VMware Marketplace.

Firewalls act as the first line of defense, filtering network traffic and blocking malicious activities to safeguard sensitive data and systems. However, setting up a firewall is just the beginning. To ensure it provides optimal protection, it’s essential to implement certain practices for ongoing management. Firewall management involves a series of critical processes to ensure that the firewall operates effectively and provides comprehensive protection against cyberthreats.

In 2023, nearly 60% of incidents investigated by Arctic Wolf Incident Response involved a vulnerability that was two — or more — years old. That means the organization had 24-plus months to find and remediate the vulnerability before threat actors took advantage. Why do vulnerabilities remain persistent? There’s a number of reasons, not the least of which is that more of them pop up each day, creating a mountain of vulnerabilities that feels too difficult to summit for most businesses.

As organizations increasingly integrate artificial intelligence (AI) into their operations, the nature of data security is undergoing significant transformation. With AI’s ability to process vast amounts of data quickly, the risk of data breaches and leaks has grown exponentially. In this context, Data Loss Prevention (DLP) has (re)emerged as a critical component for IT professionals seeking to safeguard sensitive information.