Corelight Bright Ideas Blog: NDR & Threat Hunting Blog

Corelight Bright Ideas Blog

Featured Post

December 11, 2024

Corelight delivers static file analysis with YARA integration

Malicious files continue to be a significant threat to organizations; SonicWall reported more than six billion malware attacks in 2023. To help organizations prepare for and stay ahead of these threats, we’re introducing an integration with YARA that offers a deeper level of inspection for files across enterprise networks while helping security... Read more »

Additional Posts

Corelight delivers static file analysis with YARA integration

By Christopher Sather – December 11, 2024

How YARA rules can complement NDR for malware detection

By Cynthia Gonzalez – December 10, 2024

The Verizon 2024 Data Breach Investigations Report found that system intrusion is the leading attack pattern for the third consecutive year, accounting for 36% of breaches. System intrusion largely consists of a threat actor using hacking techniques... Read more »

It’s Typhoon Season: Attackers are deliberately evading EDR. What can you do about it?

By Vince Stoffer – December 6, 2024

Introduction Over the past year, several sophisticated cyber-espionage campaigns have grabbed the attention of our industry and challenged defenders and vendors alike with advanced tactics, techniques, and procedures (TTPs). One of the most visible... Read more »

Tales from the Black Hat NOC (USA 2024) - speed to detect SSHAMBLE

By Ben Reardon – November 27, 2024

Another big day in the NOC Welcome to the Mandalay Bay Convention Center in Las Vegas. I've finished another morning shift in the Black Hat NOC, where the Corelight team has been working with the other NOC partners as part of our ongoing commitment... Read more »

Detecting Quasar Windows RAT

By Tillson Galloway – November 22, 2024

Welcome to Corelight Labs' latest hunt! This blog continues our tradition of analyzing trending threat groups and TTPs on Any.Run and writing detectors for them, providing the community with open-source threat intelligence, and acting as a tutorial... Read more »

Reduce time to triage by up to 50% with Corelight's new Guided Triage capability

By David Getman – November 12, 2024

Security Operations Centers (SOCs) are under immense pressure to ensure no attack goes unnoticed. At Corelight, we’re being approached daily to help bring in network visibility. For many though, visibility isn’t enough. SOCs are already overloaded... Read more »

Streamlining security investigations with real-time enrichment of Corelight Open NDR and SentinelOne Singularity

By Allen Marin – October 15, 2024

In today’s threat landscape, security teams face mounting challenges in maintaining a robust security posture. Legacy tools often fall short of defending against increasingly sophisticated adversaries, especially with the complexity of modern,... Read more »

Feed me!

By Vince Stoffer – September 25, 2024

Corelight has strengthened the Suricata integration within its Open NDR Platform, empowering customers with a custom ruleset, the Corelight Feed, designed to swiftly detect and help respond to emerging threats. With a new monthly update cycle,... Read more »

Want better network visibility? Don't just go with the (net)flow

By Mark Overholser – September 23, 2024

In the Black Hat Network Operations Center (NOC), the conference’s leadership team must assemble best-in-class technologies that complement each other to build and harden an enterprise-grade network in just a few days. Then, the NOC must... Read more »

Stronger Security with Corelight and Mandiant Managed Defense

By Allen Marin – September 18, 2024

At Corelight, we’re thrilled when a respected cybersecurity leader like Mandiant introduces a new offering based on our solution. This week, Mandiant Managed Defense unveiled support for Corelight Open NDR, a move that strengthens our existing... Read more »

Load Older Posts

Corelight Bright Ideas Blog

Featured Post

Corelight delivers static file analysis with YARA integration

Additional Posts

Corelight delivers static file analysis with YARA integration

How YARA rules can complement NDR for malware detection

It’s Typhoon Season: Attackers are deliberately evading EDR. What can you do about it?

Tales from the Black Hat NOC (USA 2024) - speed to detect SSHAMBLE

Detecting Quasar Windows RAT

Reduce time to triage by up to 50% with Corelight's new Guided Triage capability

Streamlining security investigations with real-time enrichment of Corelight Open NDR and SentinelOne Singularity

Feed me!

Want better network visibility? Don't just go with the (net)flow

Stronger Security with Corelight and Mandiant Managed Defense

Recent Posts

Sign up for our newsletter

Locations

1 (888) 547-9497

We're hiring!