Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Securing a network against the myriad of evolving cyber threats requires more than just a robust firewall or endpoint protection platform; it demands a multifaceted approach. Corelight’s Open Network Detection and Response (NDR) Platform complements and significantly enhances the effectiveness of next-generation firewalls (NGFWs). Here are 9 reasons why adding Corelight to your cybersecurity arsenal, alongside existing NGFWs, is not just an upgrade but a strategic necessity.

In this second post of our threat hunting with Corelight and CrowdStrike blog series we dive into Persistence, which is one the many tactical categories outlined in the MITRE ATT&CK framework. In our previous blog, we reviewed some of the common techniques in the Initial Access category, like Drive-By Compromise and Spearphishing. In this post, we examine and provide some useful threat hunting tips on some of the common tactics attackers use to maintain long-term access to a target's environment.

10 minutes to pain. When it comes to cloud security, 10 minutes or less is what bad actors need to execute an attack. Does it mean your business could be at risk if you fail to detect and respond to an attack in less than 10 minutes? Absolutely yes. With more and more sophisticated security attacks actively occurring nowadays, security teams need to hold themselves to a modernized benchmark.

The Sysdig Threat Research Team (TRT) published their latest Cloud-Native Security & Usage Report for 2024. As always, the research team managed to shed additional light on critical vulnerabilities inherent in current container security practices.

Public cloud infrastructure is, by now, the default approach to both spinning up a new venture from scratch and rapidly scaling your business. From a security perspective, this is a brand new (well, by now more than a decade old) attack surface. “Attack surface” is a commonly used term that denotes the aggregate of your exploitable IT estate, or all of the different pathways a hacker might be able to use to gain access to your systems, steal your data, or otherwise harm your business.

Targeted attacks in cloud security are on the rise, hitting businesses big and small. This surge in threats puts developers like you in a crucial position. You’re not just coding – you’re on the front lines against a variety of cybersecurity risks that are growing and changing every day. With 80% of companies encountering at least one cloud security incident in the last year, the relevance and utility of Cloud Threat Detection (CTR) tools becomes particularly apparent.

How often do you scan QR codes without a second thought? What if that innocent decision could expose you to a growing threat in the digital landscape? QR codes—short for quick response codes—have soared in popularity, becoming essential in our digital era. Originally designed for industrial tracking, their ease of use has made them a go-to tool for information sharing.

“Secure the endpoints!” This battle cry can sound like a meme, sure, but it also highlights arguably the most important part of modern cybersecurity today: are we securing the endpoints? A compromised network is likely to leave traces of anomalous and unauthorized activities that originate from network endpoints.

Over the last few years, the evolution of cybersecurity strategies has seen a significant shift toward a more layered, nuanced, and, in many cases, advanced approach. Among these advancements, Network Detection and Response (NDR) has emerged as a critical component that continues to become more widely recognized and accepted across the industry for its efficacy in bolstering cybersecurity defenses.