Corelight Bright Ideas Blog

Featured

How to React(.js) to React2Shell and detecting behaviors to catch the Next(.js) big RCE

Ground your defense against React2Shell in verifiable network evidence. Deploy high-fidelity Suricata detections to spot unauthenticated remote code...

David Burkett Dec 6, 2025

Stories by Christian

Zeek

Community ID support for Wireshark

The past few weeks have seen several developments around Community ID and support for Wireshark. I’d like to summarize them in this blog post.

Christian Kreibich Oct 7, 2020

Zeek

Log enrichment with DNS host names

With Corelight’s 1.15 release, we help figure out the host names associated with an IP address in prior network activity. Here's how it works.

Christian Kreibich Oct 25, 2018

Zeek

Extensibility as a Guiding Principle

To us, extensibility is not an afterthought that we try to tuck on in a few release cycles. It permeates the way we think about network monitoring.

Christian Kreibich Dec 6, 2017

Corelight announces cloud enrichment for AWS, GCP, and Azure

The Corelight Partner Program

10 considerations for implementing an XDR strategy

Don't trust. Verify with evidence

Network Detection & Response

Corelight Bright Ideas Blog

How to React(.js) to React2Shell and detecting behaviors to catch the Next(.js) big RCE

Stories by Christian

Community ID support for Wireshark

Log enrichment with DNS host names

Extensibility as a Guiding Principle

Have questions?

Sign up for our newsletter

We’re hiring!