CONTACT US
CONTACT US

START HERE

Evidence-based security

 

WHY CORELIGHT

Complete visibility

Next-level analytics

Faster investigation

Expert hunting

    CORELIGHT LABS

    Recent research

    Mission and team

    Insights

    Polaris program

      TRENDING TOPICS

      Encrypted traffic

       

      VERTICALS

      Federal
        ad-images-nav_0001_SANs thumb

        SANS Protects: The Network

        DOWNLOAD WHITE PAPER

        ad-images-nav_0009_Threat-hunting-guide

        Threat hunting guide

        GET THE GUIDE

        OVERVIEW

        Open NDR Platform

        Analytics & detections

         

        PRODUCTS

        Zeek®-based evidence

        IDS

        Smart PCAP

        Investigator

          SENSORS

          Appliances

          Cloud

          Software

          Virtual

          Fleet Manager

          View all products

            SERVICES

            Training

             

            ALLIANCES

            CrowdStrike

            Mandiant

            Microsoft

            Splunk

            View all

             

            USE CASES

            Case Studies

            View all
              ad-nav-crowdstrike

              Corelight now powers CrowdStrike solutions and services

              READ MORE

              ad-images-nav_0013_IDS

              Alerts, meet evidence.

              LEARN MORE ABOUT OUR IDS SOLUTION

              ad-images-nav_white-paper

              5 Ways Corelight Data Helps Investigators Win

              READ WHITE PAPER

              BLOG

              Read the latest

                EVENTS

                Meet with us

                  DEMOS

                  Get a demo
                    ad-images-nav_0000_Thinking-like-a-threat-actor

                    Thinking like a Threat Actor: Hunting the Ghost in the Machine

                    WATCH THE WEBCAST

                    ad-images-nav_0006_Blog

                    Don't trust. Verify with evidence

                    READ BLOG

                    ABOUT US

                    About Corelight

                    Careers

                    Leadership

                    Investors

                    Newsroom

                    Apex Awards

                      CHANNEL PARTNERS

                      Partner Program

                      Deal registration

                      Partner Academy

                      Become a Partner
                          ad-nav-NDR-for-dummies

                          NDR for Dummies

                          GET THE WHITE PAPER

                          Screenshot 2023-05-15 at 12.25.41 PM

                          The Power of Open-Source Tools for Network Detection and Response

                          WATCH THE WEBCAST

                          ad-nav-ESG

                          The Evolving Role of NDR

                          DOWNLOAD THE REPORT

                          SUPPORT SERVICES

                          Open a ticket

                          Account login

                          Technical bulletins

                          Report a security vulnerability

                            WORLD-CLASS SUPPORT

                            Support overview
                                ad-images-nav_0006_Blog

                                Detecting 5 Current APTs without heavy lifting

                                READ BLOG

                                Corelight Bright Ideas Blog

                                Featured Post

                                Additional Posts

                                Zeek on Windows

                                By Tim Wojtulewicz – December 5, 2022

                                Editor's note: This post was originally published on the Zeek.org blog on Nov. 28, 2022. Reposted here in full with permission as a courtesy. Read more »

                                IoT/OT/ICS threats: Detecting vulnerable Boa web servers

                                By Corelight Labs Team – November 30, 2022

                                Editor's note: This blog post was updated on 12/1/22 to add the "Update 12/1/22" and corresponding paragraph added to the end of the blog post. On Nov. 22, 2022 Microsoft announced research findings about an ongoing supply chain attack against IoT... Read more »

                                Detecting 5 current APTs without heavy lifting

                                By Corelight Labs Team – November 8, 2022

                                The Corelight Labs team prides itself on the ability to create novel Zeek and Suricata detection content that delves deep into packet streams by leveraging the full power of these tools. However this level of additional sophistication is not always... Read more »

                                New position brings new open source opportunities

                                By Kelley Misata – October 12, 2022

                                Today marks the start of ZeekWeek, the annual conference for information technologists who rely on the Zeek® network for security monitoring. Read more »

                                BOD 23-01: Better visibility to reduce risk

                                By Jean Schaffer – October 10, 2022

                                “Knowing what’s on your network is the first step for any organization to reduce risk.”  Read more »

                                Corelight Investigator: Ready for Europe

                                By Sara Shuman – October 4, 2022

                                This summer, we launched Investigator, Corelight’s SaaS-based network detection and response (NDR) solution that fuses rich network evidence with machine learning and other security analytics to unlock powerful threat hunting capabilities and... Read more »

                                Detecting the Manjusaka C2 framework

                                By Corelight Labs Team – September 29, 2022

                                Security practitioners may know about common command-and-control (C2) frameworks, such as Cobalt Strike and Sliver, but fewer have likely heard of the so-called Chinese sibling framework “Manjusaka” (described by Talos in an excellent writeup). Like... Read more »

                                Detecting CVE-2022-30216: Windows Server Service Tampering

                                By Corelight Labs Team – August 9, 2022

                                In July 2022, Microsoft disclosed a vulnerability in the Windows Server Service that allows an authenticated user to remotely access a local API call on a domain controller, which triggers an NTLM request. This results in a leak of credentials that... Read more »

                                The best cybersecurity defense is great evidence

                                By Jean Schaffer – July 19, 2022

                                Editor's note: This is the fifth in a series of Corelight blog posts focusing on evidence-based security strategy. Catch up on all of the posts here. Read more »

                                The evidence bank: leveraging security's most valuable asset

                                By Bernard Brantley – June 30, 2022

                                Editor's note: This is the fourth in a series of Corelight blog posts focusing on evidence-based security strategy. Catch up on all of the posts here. Read more »

                                Search

                                  Recent Posts

                                  Categories

                                  See all

                                  Archives

                                  See all

                                  Authors

                                  See all