%term

What does XDR mean for your organization?

Apr 29, 2022 By Corelight In Corelight

As one of the hottest new buzzwords in the infosec space, XDR means many things to many people. This talk will discuss all of the possible components of an XDR solution through the lens of SOC operations, laying out the pros and cons of various approaches such as SaaS vs on-premise, specialized vs general tooling, etc. for organizations of different size, funding, and maturity levels. Best practice suggestions will be provided throughout, from general principles to specific integration code.

View Video

Corelight

Read more about What does XDR mean for your organization?

Unify endpoint and network evidence

Apr 29, 2022 By Corelight In Corelight

Unmanaged endpoints, vendor security appliances, cloud instances, and IoT devices often lack endpoint protection, creating hiding places that attackers exploit. Using Humio to correlate Falcon endpoint data with Corelight network evidence improves detection capabilities for all of your devices, and makes investigators and hunters faster.

View Video

Corelight

Read more about Unify endpoint and network evidence

CrowdStrike Introduces Adversary-Focused CNAPP Capabilities Designed to Secure and Protect Cloud Applications from Sophisticated Threats

Apr 28, 2022 By CrowdStrike In CrowdStrike

Falcon platform offers cloud security with agent-based and agentless protection, which provides organizations the flexibility they need to secure their cloud environments.

Read Post

CrowdStrike

Read more about CrowdStrike Introduces Adversary-Focused CNAPP Capabilities Designed to Secure and Protect Cloud Applications from Sophisticated Threats

Sidecars for network monitoring

Apr 21, 2022 By Al Smith In Corelight

Monitoring container traffic and extracting rich security-centric metadata provides SOC analysts an inviolable source of truth for threat detection and incident investigation. This data complements the deep visibility provided by container agents and broad visibility through monitoring audit logs.

Read Post

Corelight

Read more about Sidecars for network monitoring

Network Evidence For XDR

Apr 20, 2022 By Corelight In Corelight

XDR - Extended detection and response - promises to integrate data from any source to stop today's sophisticated and often automated attacks. The key is: Which source? Register for this exclusive session for insights on why network evidence must be a key part of your XDR strategy. Topics to be discussed include how to: Walk away with new ideas on how to stay ahead of ever-changing attacks by using a data-first strategy for detection and response.

View Video

Corelight

Read more about Network Evidence For XDR

Why Managed Detection and Response is a Key Component to any Security Plan

Apr 20, 2022 By Trustwave In Trustwave

The overnight move to remote and hybrid work models instantly created a more complex infrastructure for many organizations as they shifted their workers from corporate offices to their homes. The threat surface expanded exponentially as devices moved off-prem and into potentially unsecured environments and grew again as workers added their own devices to the mix.

Read Post

Trustwave

Read more about Why Managed Detection and Response is a Key Component to any Security Plan

Understanding Suspicious User Types With UEBA

Apr 19, 2022 By Logsign Team In Logsign

The cybersecurity threat landscape is evolving rapidly. Hackers and other malicious users are becoming increasingly sophisticated in their attack methods, rendering traditional security tools obsolete. Modern cybercriminals will use any means to break into firewalls, send emails with infected attachments, or even bribe employees to share login credentials. Businesses in all industries must identify and implement comprehensive IT security tools and strategies to protect their valuable assets.

Read Post

Logsign

Read more about Understanding Suspicious User Types With UEBA

Explore Corelight evidence in Humio Community Edition

Apr 19, 2022 By Ed Smith In Corelight

Now available: A free and easy way to learn about Humio and Corelight. As part of our alliance partnership with CrowdStrike and Humio, Corelight is excited to announce a new collaboration that allows our customers and the community to experience the value of evidence.

Read Post

Corelight

Read more about Explore Corelight evidence in Humio Community Edition

Weaponizing paranoia: developing a threat detection strategy

Apr 18, 2022 By Wyatt Nutter In Sumo Logic

Nowadays, it’s mostly a foregone conclusion that companies need a security program and centralized log aggregation and correlation platform. Unfortunately, the conversation all too often turns toward tactics for data collection and detection of specific threat actors or common vulnerabilities and exposures (CVEs).

Read Post

Sumo Logic

Read more about Weaponizing paranoia: developing a threat detection strategy

Deeper visibility into Kubernetes environments with network monitoring

Apr 12, 2022 By Vijit Nair In Corelight

Network monitoring solutions can overcome the security visibility blind spots in Kubernetes environments, by providing a source of truth for SOC analysts. Container security solutions broadly span the spectrum of (a) prevention - securing the container image and ensuring the right policies are in place during runtime and (b) detection - monitoring runtime events for threat detection and investigation.

Read Post