Event correlation¶
Event correlation links related security alerts across different systems to reconstruct the full pattern of an incident. The Red Lantern simulator provides controlled multi-stage attack scenarios for testing whether correlation rules distinguish a coordinated campaign from background noise.
Connect the dots
- Analytical backbone
- Multi-stage BGP attack correlation logic
- ROA poisoning and validation mapping logic
- RPKI cover hijack correlation logic
- Human encoding correlation logic
- Testing correlation logic
- Common failure patterns in correlation detection
- Design heuristics for robust correlation rules
- Human-intent testing workflows for correlation rules