Black Hat Europe 2025: Lessons from the NOC

With the holiday season all wrapped up (pun definitely intended), I finally have time to sit down and digest what we saw in the network traffic at Black Hat Europe 2025 while working alongside the other Network Operations Center (NOC) partners: Arista, Cisco, Jamf, and Palo Alto Networks. As usual, there is a mix of the expected, a dash of the unexpected, and some lessons for newcomers and greybeards alike. Let’s get into it.

Episode 9 - Federal Cyber Defense: Legacy Debt, Cloud Shifts, and Network Truth

Richard Bejtlich sits down with Jean Schaffer, Corelight’s Federal CTO, to discuss the unique hurdles facing government agencies in an era of escalating state-sponsored threats. Jean highlights the persistent challenge of legacy IT infrastructure and the "technical debt" that complicates modernization efforts across the Department of Defense, the intelligence community, and the civilian sector. The conversation explores the strategic shift toward cloud adoption as a means to decommission vulnerable on-premise hardware and the evolving "whole of nation" defense strategy that requires deeper public-private partnerships.

Stopping Real-World Attacks: Lessons from the Cyber Frontlines

We went live to break down insights from 661 real‑world incidents remediated by Sophos X‑Ops, as detailed in the Sophos Active Adversary Report 2026. Host Susie Evershed and Sophos Senior Incident Response Analyst Hilary Wood unpacked the key trends shaping today’s threat landscape, including the continued dominance of identity‑driven attacks and the prevention steps that still made the biggest difference.

Why Most Companies Don't Catch Internal Threats Until It's Too Late

Every year, businesses lose billions to threats that don't come from hackers on the other side of the world. They come from inside the building. Whether it's financial misconduct, data theft, or simple policy violations that snowball into costly incidents, internal threats are consistently one of the hardest risks to detect and manage.

Corelight at SC25: A laboratory for securing the fastest conference network

I’ve worked as a threat hunter in several Black Hat Security Conference Network Operations Centers (NOCs) across the globe. So I didn’t expect to be surprised by much when signing on to be a part of the NOC for SCinet—a conference that has the “fastest conference network in the world.” And yet I was surprised by just how diverse the SCinet NOC team was, how collaborative the environment was, and how much we were able to achieve with automation in such a short amount of time.

Sophos Firewall: Configuration Viewer

An overview of the new Sophos Firewall Configuration Viewer - a standalone, browser-based tool that converts firewall configurations into a clear, human-readable format, enhancing your viewing, auditing, documentation, and comparison capabilities. All data is processed locally, so your information remains 100% private. Ask questions and get expert answers in the Sophos Community.

Episode 8 - Enterprise Nervous System: Using Network Signal to Direct Business Strategy

In this episode of Corelight Defenders, I’m joined by Bernard Brantley, Chief Information Security Officer at Corelight, as we delve into the concept of the enterprise nervous system. Bernard shares insights from his extensive experience in network analysis, explaining how organizations can leverage their network traffic data to enhance security and drive business outcomes. We discuss the importance of understanding the interdependencies between assets, processes, and goals, and how security teams can position themselves as integral to business success rather than just risk mitigators.

The 2026 Forecast for AI-Driven Threats

2025 changed the shape of digital risk. In 2026, the impact accelerates. The fastest-growing threats no longer look like traditional attacks. They arrive through apparently legitimate automated access – AI agents, LLM crawlers, and delegated automation interacting directly with revenue-critical systems. They don’t trigger alarms. They quietly extract value, distort pricing logic, and reshape digital economics at scale.