Corelight Bright Ideas Blog: NDR & Threat Hunting Blog

Cloud your way: Expanding threat visibility to meet the unique needs of your business

By Allen Marin – April 29, 2025

Let’s face it: The cloud has become the go-to platform for modern infrastructure—and for good reason. Scalability, flexibility, and speed are hard to beat. But as organizations increasingly rely on the cloud to run their critical operations, the... Read more »

Corelight and Microsoft: A smarter way to fight alert fatigue

By Allen Marin – January 14, 2025

For SOC teams, the battle against cyber threats can feel like trying to solve a 3D jigsaw puzzle in a bouncy house with missing pieces and a timer blasting every few seconds. Despite the increase in security spending, most teams still struggle with... Read more »

Streamlining security investigations with real-time enrichment of Corelight Open NDR and SentinelOne Singularity

By Allen Marin – October 15, 2024

In today’s threat landscape, security teams face mounting challenges in maintaining a robust security posture. Legacy tools often fall short of defending against increasingly sophisticated adversaries, especially with the complexity of modern,... Read more »

Stronger Security with Corelight and Mandiant Managed Defense

By Allen Marin – September 18, 2024

At Corelight, we’re thrilled when a respected cybersecurity leader like Mandiant introduces a new offering based on our solution. This week, Mandiant Managed Defense unveiled support for Corelight Open NDR, a move that strengthens our existing... Read more »

Understanding the Latest Threat Landscape: Insights from Mandiant M-Trends

By Allen Marin – July 18, 2024

In the constantly evolving world of cybersecurity, staying ahead of emerging threats requires continuous vigilance and adaptation. Fortunately for those of us in the industry, we’ve been able to count on highly respected digital forensics and... Read more »

Splunk .conf24 reflections - Federated data, resilience, and a parade of fezzes

By Allen Marin – June 26, 2024

Fresh from the recent .conf24 user conference in fabulous Las Vegas, I thought I’d share what I thought were some of the key points throughout the week. Read more »

Inside the Mind of a Cybersecurity Threat Hunter Part 2: Identifying Persistence Techniques

By Allen Marin – February 26, 2024

In this second post of our threat hunting with Corelight and CrowdStrike blog series we dive into Persistence, which is one the many tactical categories outlined in the MITRE ATT&CK framework. In our previous blog, we reviewed some of the common... Read more »

Inside the Mind of a Cybersecurity Threat Hunter Part 1: Confronting Initial Access Techniques

By Allen Marin – November 27, 2023

At Corelight, we’re always striving to make the life of threat hunters and security analysts a little easier. It’s the reason we developed our Open NDR Platform that provides comprehensive, correlated network data and forensic evidence about... Read more »

Celebrating CrowdStrike’s New Network Detection Service “Powered by Corelight”

By Allen Marin – June 1, 2023

Several months ago, we announced that our strategic alliance partner CrowdStrike decided to use our Open NDR technology across its professional services portfolio. This wasn’t just a meaningful validation for us—it was also a testament to the... Read more »