Corelight Bright Ideas Blog

Featured

Inside the mind of a cybersecurity threat hunter part 3: hunting for adversaries moving inside your network

Learn how to use Corelight’s rich network telemetry in CrowdStrike’s Next-Gen SIEM to expose defense evasion and lateral movement inside your network.

Allen Marin Dec 22, 2025

Zeek

Zeek in its sweet spot: Detecting F5’s Big-IP CVE10 (CVE-2020-5902)

We’ve just open sourced a Zeek package that detects exploit attempts and successes. This package demonstrates a couple of aspects that are worth...

Ben Reardon Jul 28, 2020

Partnership

Corelight Splunk App update: New dashboard and data

We are pleased to launch our newest installment of the Corelight App for Splunk (Corelight App) and the Corelight Technical Add-on (TA).

Roger Cheeks Jul 20, 2020

Network Security Monitoring

Network Security Monitoring data: Types I, II, and III

This blog post explains three levels of analysis and how encryption has affected NSM, demonstrating that NSM remains relevant, despite encryption.

Richard Bejtlich Jul 8, 2020

Zeek

Ripple20 Zeek package open sourced

Today we are open sourcing a Zeek package that passively detects the presence of some of the tell-tale signs that Treck devices can exhibit.

Ben Reardon Jun 30, 2020

Zeek

Zeek & Sigma: Fully compatible for cross-SIEM detections

Corelight recently teamed up with SOC Prime, creators of advanced cyber analytics platforms, to add support for the entire Zeek data set into Sigma.

Alex Kirk Jun 25, 2020

Zeek

DNS over TLS and DNS over HTTPS

In this post, we’ll explore DNS over TLS (DoT) and DNS over HTTPS (DoH). Before examining DoT and DoH, it’s important to take a quick look at DNS...

Jamie Brim Jun 18, 2020

Zeek

Chocolate and peanut butter, Zeek and Suricata

We are proud to announce that in our v19 software release we have delivered a sensor that combines and integrates Zeek and Suricata with three key...

Brian Dye Jun 16, 2020

Zeek

The light shines even brighter: Updates to Corelight’s Encrypted Traffic Collection

We are excited to announce the expansion of our ETC. In this post, I will provide some further details and what the research team is working on next!

Vince Stoffer Jun 16, 2020

Zeek

Detecting GnuTLS CVE-2020-13777 using Zeek

Find a technical description of the bug, how it can be detected in network traffic, and how a short Zeek script can detect vulnerable servers.

Johanna Amann Jun 11, 2020

< 1 2 3 ... 22 ... 29 30 >

Corelight announces cloud enrichment for AWS, GCP, and Azure

The Corelight Partner Program

10 considerations for implementing an XDR strategy

Don't trust. Verify with evidence

Network Detection & Response

Corelight Bright Ideas Blog

Inside the mind of a cybersecurity threat hunter part 3: hunting for adversaries moving inside your network

Zeek in its sweet spot: Detecting F5’s Big-IP CVE10 (CVE-2020-5902)

Corelight Splunk App update: New dashboard and data

Network Security Monitoring data: Types I, II, and III

Ripple20 Zeek package open sourced

Zeek & Sigma: Fully compatible for cross-SIEM detections

DNS over TLS and DNS over HTTPS

Chocolate and peanut butter, Zeek and Suricata

The light shines even brighter: Updates to Corelight’s Encrypted Traffic Collection

Detecting GnuTLS CVE-2020-13777 using Zeek

Have questions?

Sign up for our newsletter

We’re hiring!