Corelight Bright Ideas Blog

Featured

Modernize threat detection and SOC efficiency with integrated Corelight Threat Intelligence

Enhanced anomaly detection and east-west visibility improve evasive threat detection, reduce false positives, and help SOC teams focus on critical...

Allen Marin Oct 30, 2025

Stories by Alex

Zeek

Know your environment: Tenable/Corelight integration for prioritized IDS alerts

Prioritizing alerts just got a little easier for SOC teams with Corelight's integration with Tenable.

Alex Kirk Mar 10, 2022

cybersecurity

Acting on CISA’s advice for detecting Russian cyberattacks

This post explores the 4 key areas outlined in the CISA "Shields Up" memo and examines ways they can be detected with network data.

Alex Kirk Feb 28, 2022

Zeek

Expanded Suricata detections with Dtection.io

Corelight offers a new core recommendation - Dtection.io - for customers using its Suricata integration.

Alex Kirk Nov 4, 2021

MITRE ATT&CK

Monitoring networks for Chinese State-Sponsored Cyber Operations

In the spirit of our open-source heritage, Corelight has produced a document breaking down our ability to identify and detect these attackers’...

Alex Kirk Aug 18, 2021

Product

Exchange exploitation and architecting for visibility

The new Microsoft Exchange vulnerabilities disclosed earlier this month highlight the importance of architecting for security visibility on the...

Alex Kirk Mar 16, 2021

DNS

Beating alert fatigue with integrated data

Corelight data enables immediate SOC improvements. Here's a walkthrough of initial playbooks.

Alex Kirk Oct 8, 2020

Zeek

Zeek & Sigma: Fully compatible for cross-SIEM detections

Corelight recently teamed up with SOC Prime, creators of advanced cyber analytics platforms, to add support for the entire Zeek data set into Sigma.

Alex Kirk Jun 25, 2020

Corelight announces cloud enrichment for AWS, GCP, and Azure

The Corelight Partner Program

10 considerations for implementing an XDR strategy

Don't trust. Verify with evidence

Network Detection & Response

Corelight Bright Ideas Blog

Modernize threat detection and SOC efficiency with integrated Corelight Threat Intelligence

Stories by Alex

Know your environment: Tenable/Corelight integration for prioritized IDS alerts

Acting on CISA’s advice for detecting Russian cyberattacks

Expanded Suricata detections with Dtection.io

Monitoring networks for Chinese State-Sponsored Cyber Operations

Exchange exploitation and architecting for visibility

Beating alert fatigue with integrated data

Zeek & Sigma: Fully compatible for cross-SIEM detections

Have questions?

Sign up for our newsletter

We’re hiring!