Corelight Bright Ideas Blog

This is the Custom Rich Text module

Feel free to edit this text to reflect your unique voice and message. Tell visitors what you do, why you do it, and what sets you apart.

Stories by Keith

Corelight

How to level up your technical documentation with Microsoft's style guide and LLMs

Speed up technical documentation with the open-source llm-styleguide-helper. It pairs Vale linting and AI to fix Microsoft Style Guide violations in...

Keith J. Jones Sep 16, 2025

network detection response

Empowering your LLMs: Unlocking cybersecurity queries with Open WebUI knowledge bases

Learn how to use Open WebUI knowledge bases to enhance your LLMs with private, local cybersecurity data for better queries, analysis, and incident...

Keith J. Jones Jul 2, 2025

network detection response

Leveraging map-reduce and LLMs for enhanced cybersecurity network detection

Learn how Map-Reduce and LLMs can be used to efficiently analyze huge datasets and improve threat hunting, incident response, and forensic analysis.

Keith J. Jones Mar 25, 2025

network detection response

Running DeepSeek AI privately using open-source software

Learn how to run DeepSeek AI locally with Ollama and Open WebUI for secure Zeek script analysis.

Keith J. Jones Feb 28, 2025

network detection response

Understand and detect MITRE Caldera with Zeek®

Read how to identify C2 activities and agent downloads associated with MITRE Caldera agents using this Zeek Caldera detector via GitHub.

Keith J. Jones Feb 14, 2025

Corelight

Detecting The Agent Tesla Malware Family

Learn how to detect Agent Tesla, which consistently trends at the top of Any.Run’s malware trends list

Keith J. Jones Jul 2, 2024

Zeek

Detecting Gozi Banking Malware

I ran into a sample of the Gozi banking malware in the wild. This is how I developed an open source detection package to find it with Zeek.

Keith J. Jones Sep 7, 2023

Zeek

Give me my stats!

In this post I am going to walk you through the process I used to develop a package called “my_stats” that pulls memory information from a running...

Keith J. Jones Sep 21, 2020

network detection response

Testing Screenshot code Text Extraction with AI

Read how to identify C2 activities and agent downloads associated with MITRE Caldera agents using this Zeek Caldera detector via GitHub.

Keith J. Jones Jan 1, 1970

Secure your cloud.

Cloud enrichment for AWS, GCP,
and Azure

Corelight's
partner program

10 Considerations for Implementing an XDR Strategy

Don't trust. Verify with evidence

The Power of Open-Source Tools for Network Detection and Response

The Evolving Role
of NDR

Detecting 5 Current APTs without heavy lifting

Network Detection and Response

Corelight Bright Ideas Blog

This is the Custom Rich Text module

Stories by Keith

How to level up your technical documentation with Microsoft's style guide and LLMs

Empowering your LLMs: Unlocking cybersecurity queries with Open WebUI knowledge bases

Leveraging map-reduce and LLMs for enhanced cybersecurity network detection

Running DeepSeek AI privately using open-source software

Understand and detect MITRE Caldera with Zeek®

Detecting The Agent Tesla Malware Family

Detecting Gozi Banking Malware

Give me my stats!

Testing Screenshot code Text Extraction with AI

Have questions?

Sign up for our newsletter

We’re hiring!