Corelight Bright Ideas Blog

This is the Custom Rich Text module

Feel free to edit this text to reflect your unique voice and message. Tell visitors what you do, why you do it, and what sets you apart.

Zeek

What makes evidence uniquely valuable?

Learn about the attributes of high-quality evidence. What should evidence look like, in order to be useful to defenders when the next security event...

Gregory Bell May 18, 2022

MITRE ATT&CK

Translating query into action

Sigma is an open-source project that provides a generic signature format for SIEMs. Here are the benefits of Sigma, and how to get these threat...

Vince Stoffer Mar 15, 2021

Zeek

Detecting Zerologon (CVE-2020-1472) with Zeek

To assist in detecting Zerologon (CVE-2020-1472), we’ve open sourced a Zeek package that detects both attempted and successful exploits.

Yacin Nadji Sep 16, 2020

Zeek

Together is faster: Zeek for vulnerabilities

I love this quote by John Lambert. It perfectly describes the impact network defenders can achieve by pooling resources, insights, and techniques.

Gregory Bell Aug 18, 2020

Zeek

Zeek in its sweet spot: Detecting F5’s Big-IP CVE10 (CVE-2020-5902)

We’ve just open sourced a Zeek package that detects exploit attempts and successes. This package demonstrates a couple of aspects that are worth...

Ben Reardon Jul 28, 2020

Zeek

Zeek & Sigma: Fully compatible for cross-SIEM detections

Corelight recently teamed up with SOC Prime, creators of advanced cyber analytics platforms, to add support for the entire Zeek data set into Sigma.

Alex Kirk Jun 25, 2020

Secure your cloud.

Cloud enrichment for AWS, GCP,
and Azure

Corelight's
partner program

10 Considerations for Implementing an XDR Strategy

Don't trust. Verify with evidence

The Power of Open-Source Tools for Network Detection and Response

The Evolving Role
of NDR

Detecting 5 Current APTs without heavy lifting

Network Detection and Response

Corelight Bright Ideas Blog

This is the Custom Rich Text module

What makes evidence uniquely valuable?

Translating query into action

Detecting Zerologon (CVE-2020-1472) with Zeek

Together is faster: Zeek for vulnerabilities

Zeek in its sweet spot: Detecting F5’s Big-IP CVE10 (CVE-2020-5902)

Zeek & Sigma: Fully compatible for cross-SIEM detections

Have questions?

Sign up for our newsletter

We’re hiring!