Corelight Bright Ideas Blog

Featured

How to React(.js) to React2Shell and detecting behaviors to catch the Next(.js) big RCE

Ground your defense against React2Shell in verifiable network evidence. Deploy high-fidelity Suricata detections to spot unauthenticated remote code...

David Burkett Dec 6, 2025

Stories by Allen

Corelight

Modernize threat detection and SOC efficiency with integrated Corelight Threat Intelligence

Enhanced anomaly detection and east-west visibility improve evasive threat detection, reduce false positives, and help SOC teams focus on critical...

Allen Marin Oct 30, 2025

Corelight

Cloud your way: Expanding threat visibility to meet the unique needs of your business

Corelight’s Microsoft vTAP integration brings cloud-native packet mirroring to Azure, with broader support for AWS, GCP, and third-party packet...

Allen Marin Apr 29, 2025

network detection response

Corelight and Microsoft: A smarter way to fight alert fatigue

Streamline alert triage and reduce alert fatigue with Corelight's Microsoft Defender integration, enabling faster, smarter decisions across your SOC.

Allen Marin Jan 14, 2025

network security

Streamlining security investigations with real-time enrichment of Corelight Open NDR and SentinelOne Singularity

Corelight’s integration with SentinelOne is a game-changer for security teams looking to stay ahead of evolving cyber threats.

Allen Marin Oct 15, 2024

Mandiant

Stronger Security with Corelight and Mandiant Managed Defense

Together, Corelight and Mandiant enable defenders to achieve unparalleled visibility across their network environments.

Allen Marin Sep 18, 2024

Mandiant

Understanding the Latest Threat Landscape: Insights from Mandiant M-Trends

Our experience in the Black Hat NOC has made us into adherents for “Zero Trust…but verify.”

Allen Marin Jul 18, 2024

Corelight

Splunk .conf24 reflections - Federated data, resilience, and a parade of fezzes

Fresh from Splunk .conf24, here are some of the key points from throughout the week.

Allen Marin Jun 26, 2024

cybersecurity

Inside the Mind of a Cybersecurity Threat Hunter Part 2: Identifying Persistence Techniques

Learn how threat hunters can identify MITRE ATT&CK persistence techniques.

Allen Marin Feb 26, 2024

SOC

Inside the Mind of a Cybersecurity Threat Hunter Part 1: Confronting Initial Access Techniques

Learn how Corelight’s integration with CrowdStrike helps threat hunters detect signs of Initial Access, one of the tactics and techniques outlined in...

Allen Marin Nov 27, 2023

< 1 2 >

Corelight announces cloud enrichment for AWS, GCP, and Azure

The Corelight Partner Program

10 considerations for implementing an XDR strategy

Don't trust. Verify with evidence

Network Detection & Response

Corelight Bright Ideas Blog

How to React(.js) to React2Shell and detecting behaviors to catch the Next(.js) big RCE

Stories by Allen

Modernize threat detection and SOC efficiency with integrated Corelight Threat Intelligence

Cloud your way: Expanding threat visibility to meet the unique needs of your business

Corelight and Microsoft: A smarter way to fight alert fatigue

Streamlining security investigations with real-time enrichment of Corelight Open NDR and SentinelOne Singularity

Stronger Security with Corelight and Mandiant Managed Defense

Understanding the Latest Threat Landscape: Insights from Mandiant M-Trends

Splunk .conf24 reflections - Federated data, resilience, and a parade of fezzes

Inside the Mind of a Cybersecurity Threat Hunter Part 2: Identifying Persistence Techniques

Inside the Mind of a Cybersecurity Threat Hunter Part 1: Confronting Initial Access Techniques

Have questions?

Sign up for our newsletter

We’re hiring!