Dealing with cybersecurity threats has become a constant challenge for organizations and tech professionals. The landscape is evolving, with cybercriminals employing increasingly sophisticated tactics. As we step into 2024, a year marked by economic uncertainty, staff layoffs, and the aftermath of widespread hybrid and remote work adoption, cyber threats are poised to exploit vulnerabilities within organizations.
Based on the well-known cybersecurity method, “honeypots”, Calico Cloud runtime security approach of Honeypods as decoy pods are designed to attract traffic to them from malicious sources and to detect suspicious activity within a Kubernetes cluster.
In this blog, I’ll share a few NetOps observations of the Black Hat network that I made during my time serving in the Black Hat Network Operations Center (NOC). My hope in doing so is to spark some ideas on how you can use an existing tool like Zeek for a new purpose. These insights were particularly revealing, despite not being linked to any security incidents.
It’s natural to want to believe that every new account creation or online purchase signals the legitimate growth of your business. But the alarming rise in financial and data losses attributed to fraud, suggests a different reality. There are thousands of bad actors actively looking to nickel and dime businesses and consumers. In 2022, a staggering 2.4 million fraud reports flooded the Consumer Sentinel Record.
Effective threat detection is critical to achieving a mature cybersecurity posture. Yet with so many threat detection options on the market, from managed detection and response (MDR) to managed security service providers (MSSPs) to security information and event management (SIEM), choosing the most effective one for your organization can be challenging.
At Corelight, we’re always striving to make the life of threat hunters and security analysts a little easier. It’s the reason we developed our Open NDR Platform that provides comprehensive, correlated network data and forensic evidence about everything happening on the network. If you’re familiar with Corelight, you probably already know that.
The explosion of interest in artificial intelligence (AI) and specifically large language models (LLMs) has recently taken the world by storm. The duality of the power and risks that this technology holds is especially pertinent to cybersecurity. On one hand the capabilities of LLMs for summarization, synthesis, and creation (or co-creation) of language and content is mind-blowing.
