Corelight
Your network evidence, your SIEM, your way: Corelight’s open SIEM strategy empowers SOCs with a unified experience
Bring high-fidelity network evidence to any SIEM—without compromise.
Corelight Bright Ideas Blog
This is the Custom Rich Text module
Feel free to edit this text to reflect your unique voice and message. Tell visitors what you do, why you do it, and what sets you apart.
- All
- Zeek
- Network Security Monitoring
- network security
- featured
- NDR
- network detection response
- Corelight
- cybersecurity
- network traffic analysis
- network visibility
- Bro
- SOC
- Corelight Labs
- Richard Bejtlich
- Product
- SIEM
- open source
- Announcements
- threat hunting
- BlackHat
- Industry
- Suricata
- Splunk
- DNS
- PCAP
- TLS
- open source community
- Corelight Sensor
- NSM
- Partnership
- HTTP
- MITRE ATT&CK
- GitHub
- Incident response
- network evidence
- Zeek Logs
- encrypted traffic
- SSH
- microsoft
- encrypted traffic collection
- JSON
- Detection
- IDS
- NOC
- command and control
- encryption
- ja3
- AWS
- HTTPS
- SSL
Mandiant
Cooking up a year of faster, smarter, and tastier security
As 2024 comes to a close, let’s take a look at the impactful product updates we delivered this year.
Vijit Nair
Dec 20, 2024
cybersecurity
Next-Generation SIEM: Corelight is the Data of Choice
Learn how Zeek’s metadata approach can help focus patching efforts for the SSH “Terrapin” attack.
Todd Wingler
May 7, 2024
Network Security Monitoring
The best cybersecurity defense is great evidence
Federal CTO Jean Schaffer explores how evidence - not data - is critical to speed defenders’ knowledge and response capabilities.
Jean Schaffer
Jul 19, 2022
network detection response
The evidence bank: leveraging security's most valuable asset
Organizations often implement a data collection strategy out of fear, collecting everything “just in case.” I challenge the assumption.
Bernard Brantley
Jun 30, 2022
network security
One SIEM is not enough?
A growing number of defenders use two SIEMs. This post explores why and whether XDR platforms will evolve to to become full threat hunting solutions.
Brian Dye
Mar 3, 2022
Zeek
Corelight & Microsoft Defender for IoT: Through an XDR lens
What is the XDR paradox? It’s the hottest term in security but there is no consensus yet on the right definition. Why is that?
Brian Dye
Nov 16, 2021
Zeek
World’s first 100G Zeek sensor
As we finished rolling out our v21 software release, I was reminded of when I’d first read the 2015 “100G Intrusion Detection” paper written at...
Sarah Banks
May 24, 2021
Zeek
CrowdStrike + Corelight partner to reach new heights
The CrowdStrike + Corelight partnership lets customers incorporate threat intelligence into Corelight Sensors to generate alerts and network evidence.
Lana Knop
Apr 22, 2021
Zeek
Extending NDR visibility in AWS IaaS
Visibility is challenging in a cloud environment. Security teams have long relied on network monitoring to complement application level visibility.
Vijit Nair
Apr 8, 2021