Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Episode 3 - Network Visibility in the Cloud: Why Network Traffic Analysis Remains Critical

Dec 4, 2025 By Corelight In Corelight
Richard Bejtlich discusses cloud security from a network-centric perspective with Corelight's cloud security researcher, David Burkett. They explore why monitoring network traffic remains essential in cloud environments, despite the presence of native security features offered by cloud providers. David highlights common threats such as container compromises, coin miners, and supply chain attacks, emphasizing the value of traffic visibility for detecting unusual behaviors and breaches.
View Video
Why Data Transformation Techniques Are Essential for Security Intelligence

Why Data Transformation Techniques Are Essential for Security Intelligence

Dec 3, 2025 By SecuritySenses In SecuritySenses
In today's digital world, the amount of data generated by organizations is growing at an unprecedented rate. Every day, businesses, governments, and individuals produce vast streams of information, from financial records and customer interactions to logs from security systems. While this data holds incredible potential for insights, it is often raw, unstructured, and scattered across multiple sources. Security intelligence, which relies on accurate and actionable information to detect threats and make informed decisions, cannot function effectively without proper preparation of this data.
Read Post

Episode 2 - Inside the Black Hat NOC: Defending a hostile conference network

Nov 20, 2025 By Corelight In Corelight
Richard Bejtlich talks with Corelight Principal Technical Marketing Engineer Mark Overholser about what it takes to run the Black Hat Network Operations Center and keep a “hostile” training network safe. They walk through how partners like Corelight, Cisco, Palo Alto Networks, Arista, and Lumen build and monitor the conference network, how the team tells lab traffic from real infections, and why misconfigured self hosted services still show up in surprising ways.
View Video
threatbook

ThreatBook Peer-Recognized as a Strong Performer in the 2025 Gartner® Peer Insights Voice of the Customer for Network Detection and Response - for the Third Consecutive Year

Nov 13, 2025 By ThreatBook
Recognition we believe underscores global customer trust and proven product excellence for security teams evaluating NDR solutions.
Read Post
Corelight

Modernize threat detection and SOC efficiency with integrated Corelight Threat Intelligence

Oct 30, 2025 By Allen Marin In Corelight
In the ever-escalating battle against cyber threats, security teams are often caught in a deluge of alerts, struggling to distinguish real threats from the noise. The sheer volume of threat data can be overwhelming, leading to alert fatigue and, worse, missed detections. But what if you could really cut through the clutter and focus on what truly matters?
Read Post
Corelight

Corelight's enhanced threat detection: staying ahead of evasive threats

Oct 30, 2025 By Tim Chiu In Corelight
In today's rapidly evolving cybersecurity landscape, organizations face unprecedented challenges. Cyber threats are not only increasing in volume but are also becoming more sophisticated and evasive, using AI themselves to enhance their attacks. The attack surface has expanded dramatically, while Security Operations Centers (SOCs) are often left with fewer resources to combat these growing threats.
Read Post

Episode 1: Typhoon Season with Vincent Stoffer

Oct 30, 2025 By Corelight In Corelight
Richard Bejtlich sits down with Vince Stoffer, Corelight's Field CTO, to dive into the recent wave of cyberattacks attributed to Chinese threat actors, known as "Typhoon" groups. Vince unpacks the distinctions between "Volt Typhoon," targeting critical infrastructure sectors such as energy and transportation, and "Salt Typhoon," which is infiltrating telecommunications networks for espionage. The conversation explores the evolving tactics, techniques, and procedures (TTPs) used by these groups, including their exploitation of zero-day vulnerabilities and outdated infrastructure.
View Video
Corelight

No PoCs? No problem. How to hunt for F5 exploitation even when details are sparse

Oct 28, 2025 By David Burkett In Corelight
Endpoint detection and response (EDR) tools, and the analysts using them, have become incredibly effective. They have become so good, in fact, that we're now seeing a clear shift in adversary behavior: attackers are being pushed off the endpoint and onto places where EDR cannot run. This isn't just a theory. As I was writing a separate blog about a recent Cisco exploit which spurred an immediate CISA emergency directive, news dropped about another major network edge vendor, F5.
Read Post
Corelight

Are you blind to the next big firewall exploit? Warning signs and lessons learned from the recent Cisco exploit

Oct 20, 2025 By David Burkett In Corelight
It feels like the security world is caught in a recurring cycle. We see a spike in strange scanning activity, file it away as internet background noise, and then weeks later, a major zero-day exploit drops, targeting the very technology that was being scanned. The recent Cisco ASA vulnerabilities were a textbook example of this pattern. A September 4, 2025, report from GreyNoise highlighted a massive surge in scanning, with over 25,000 unique IPs probing Cisco ASA devices.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.