network security
Feed me!
Announcing a new monthly update cycle to our custom Suricata ruleset, the Corelight Feed.
Corelight Bright Ideas Blog
This is the Custom Rich Text module
Feel free to edit this text to reflect your unique voice and message. Tell visitors what you do, why you do it, and what sets you apart.
- All
- Zeek
- Network Security Monitoring
- network security
- featured
- NDR
- network detection response
- Corelight
- cybersecurity
- network traffic analysis
- network visibility
- Bro
- SOC
- Corelight Labs
- Richard Bejtlich
- Product
- SIEM
- open source
- Announcements
- threat hunting
- BlackHat
- Industry
- Suricata
- Splunk
- DNS
- PCAP
- TLS
- open source community
- Corelight Sensor
- NSM
- Partnership
- HTTP
- MITRE ATT&CK
- GitHub
- Incident response
- network evidence
- Zeek Logs
- encrypted traffic
- SSH
- microsoft
- encrypted traffic collection
- JSON
- Detection
- IDS
- NOC
- command and control
- encryption
- ja3
- AWS
- HTTPS
- SSL
Zeek
Turning the tables on the infiltrator
Learn how the kill web concept can be applied to cybersecurity, and how it addresses some of the concerns with the kill chain.
Ben Reardon
Oct 16, 2023
network security
Replace IDS and extend entity visibility
Corelight v27 software release enhances the platform’s integrated Suricata IDS functionality, further integrating alerts with rich context.
John Gamble
Dec 8, 2022
Zeek
Detecting 5 current APTs without heavy lifting
Corelight Labs looks at three APT toolsets that have been linked to five threat actors, detecting each using relatively simple search logic.
Corelight Labs Team
Nov 8, 2022
Zeek
New position brings new open source opportunities
Dr. Kelley Misata shares her thoughts on why she is excited to join Corelight to lead open source and the new opportunities this role will bring.
Kelley Misata
Oct 12, 2022
network detection response
Explore Corelight evidence in Humio Community Edition
Our new collaboration with CrowdStrike and Humio allows our customers and the community to experience the value of evidence.
Ed Smith
Apr 19, 2022
Zeek
Know your environment: Tenable/Corelight integration for prioritized IDS alerts
Prioritizing alerts just got a little easier for SOC teams with Corelight's integration with Tenable.
Alex Kirk
Mar 10, 2022
Zeek
Situational awareness for CISA FECB playbooks
CISA recently released a set of playbooks for the Federal Civilian Executive Branch (FCEB). Here's why we are blogging about this.
Jean Schaffer
Nov 30, 2021
Zeek
Detecting CVE-2021-42292
Learn how to detect the CVE-2021-42292 exploit, which relies on Excel fetching a second Excel file, through behavioral tricks.
Corelight Labs Team
Nov 10, 2021
Zeek
Expanded Suricata detections with Dtection.io
Corelight offers a new core recommendation - Dtection.io - for customers using its Suricata integration.
Alex Kirk
Nov 4, 2021