Corelight Bright Ideas Blog

Featured

Identity in the SOC: Why network visibility still matters in the age of the identity perimeter

Network visibility is your ground truth in the age of the identity perimeter. See how Corelight integrates with Entra ID and CrowdStrike.

Richard Petrie Jun 4, 2026

All
Zeek
featured
Network Security Monitoring
network security
NDR
Corelight
network detection response
cybersecurity
SOC
network traffic analysis
Bro
network visibility
Corelight Labs
Richard Bejtlich
SIEM
threat hunting
Product
open source
Announcements
Suricata
Splunk
DNS
Industry
PCAP
TLS
BlackHat
Corelight Sensor
open source community
NSM
Partnership
HTTP
MITRE ATT&CK
GitHub
Incident response
Zeek Logs
encrypted traffic
network evidence
SSH
microsoft
encrypted traffic collection
threat hunter
Crowdstrike
Detection
JSON
command and control
encryption
ja3
AI
AWS
HTTPS

Zeek

Runtime Options: the Bro Configuration Framework

Redefs allow the re-definition of already defined constants in Bro. This is often done in local.bro. To modify Site::local_net, use code similar to...

Johanna Amann Feb 13, 2018

Corelight announces cloud enrichment for AWS, GCP, and Azure

The Corelight Partner Program

Network Detection & Response

Corelight Bright Ideas Blog

Identity in the SOC: Why network visibility still matters in the age of the identity perimeter

Runtime Options: the Bro Configuration Framework

Have questions?

Sign up for our newsletter

We’re hiring!

Get in touch