Corelight Bright Ideas Blog

Featured

Inside the mind of a cybersecurity threat hunter part 3: hunting for adversaries moving inside your network

Learn how to use Corelight’s rich network telemetry in CrowdStrike’s Next-Gen SIEM to expose defense evasion and lateral movement inside your network.

Allen Marin Dec 22, 2025

Stories by Tillson

network security

Detecting Quasar Windows RAT

Detect Quasar RAT malware with Corelight’s open-source Zeek script, leveraging Quasar’s default TLS configuration.

Tillson Galloway Nov 22, 2024

network security

Detecting Abuse of NetSupport Manager

Learn how to use Zeek to easily detect malicious use of NetSupport Manager.

Tillson Galloway Sep 11, 2024

Zeek

Detecting CVE-2022-30216: Windows Server Service Tampering

Corelight Labs reviewed a POC exploit for CVE-2022-30216 and wrote a Zeek-based detection and released the package on GitHub.

Tillson Galloway Aug 9, 2022

Corelight announces cloud enrichment for AWS, GCP, and Azure

The Corelight Partner Program

10 considerations for implementing an XDR strategy

Don't trust. Verify with evidence

Network Detection & Response

Corelight Bright Ideas Blog

Inside the mind of a cybersecurity threat hunter part 3: hunting for adversaries moving inside your network

Stories by Tillson

Detecting Quasar Windows RAT

Detecting Abuse of NetSupport Manager

Detecting CVE-2022-30216: Windows Server Service Tampering

Have questions?

Sign up for our newsletter

We’re hiring!