Corelight Bright Ideas Blog

Featured Post

Corelight’s GenAI Accelerator Pack features the industry's first Model Context Protocol (MCP) server, specifically designed to facilitate easier access to detailed network data and alerts for cybersecurity AI agents and enhance the analysis of network security information. Read more »

Additional Posts

Running DeepSeek AI privately using open-source software

By Keith J. Jones – February 28, 2025

Introduction Zeek® is a powerful open-source network analysis tool that allows users to monitor traffic and detect malicious activities. Users can write packages to detect cybersecurity events, like this GitHub repo that detects C2 from AgentTesla... Read more »

Corelight delivers data aggregation to reduce SIEM ingest by 50-80% compared to legacy network security monitoring tools

By Cynthia Gonzalez – February 18, 2025

According to Forrester Research, “How do we reduce our SIEM ingest costs?” is one of the top inquiries they receive from clients. Many security organizations rely on SIEMs for their detection, investigation, and response workflows, ingesting... Read more »

Understand and detect MITRE Caldera with Zeek®

By Keith J. Jones – February 14, 2025

What is MITRE Caldera? MITRE’s Caldera is a cybersecurity platform developed to simulate adversarial tactics, techniques, and procedures (TTPs). Built upon the MITRE ATT&CK framework, Caldera is an open-source tool designed to help cybersecurity... Read more »

Why NDR is essential to protecting your cloud workloads

By David Burkett – February 3, 2025

How Corelight Open NDR secures cloud workloads beyond runtime security tools. Read more »

Adventures in monitoring a hostile network: Black Hat Europe 2024

By Mark Overholser – January 28, 2025

Working in the network operating center (NOC) at Black Hat Europe, we’re never quite sure what we’re going to see. The anxiousness I feel there is similar to what I’d experience when I was blue-teaming for a corporate network. I could prepare all I... Read more »

Thrown in the deep end: My first time hunting in the Black Hat NOC

By Matt Ellison – January 28, 2025

If you have even a passing interest in cybersecurity, you no doubt have heard of Black Hat, the eponymously named conference that launched in 1997 in Las Vegas. Nearly 30 years later Black Hat is a global phenomenon that bears little resemblance to... Read more »

Corelight and Microsoft: A smarter way to fight alert fatigue

By Allen Marin – January 14, 2025

For SOC teams, the battle against cyber threats can feel like trying to solve a 3D jigsaw puzzle in a bouncy house with missing pieces and a timer blasting every few seconds. Despite the increase in security spending, most teams still struggle with... Read more »

Cooking up a year of faster, smarter, and tastier security

By Vijit Nair – December 19, 2024

If there’s one thing I love more than delivering great products, it’s delivering great food. The holidays are my time to channel my inner celebrity chef: I’ll burn a few cookies, over-spice a roast, and then miraculously pull it all together for a... Read more »

Corelight delivers static file analysis with YARA integration

By Christopher Sather – December 11, 2024

Malicious files continue to be a significant threat to organizations; SonicWall reported more than six billion malware attacks in 2023. To help organizations prepare for and stay ahead of these threats, we’re introducing an integration with YARA... Read more »

How YARA rules can complement NDR for malware detection

By Cynthia Gonzalez – December 10, 2024

The Verizon 2024 Data Breach Investigations Report found that system intrusion is the leading attack pattern for the third consecutive year, accounting for 36% of breaches. System intrusion largely consists of a threat actor using hacking techniques... Read more »

Load Older Posts

Corelight Bright Ideas Blog

Featured Post

Corelight announces industry's first MCP server exposing detailed network data and alerts

Additional Posts

Running DeepSeek AI privately using open-source software

Corelight delivers data aggregation to reduce SIEM ingest by 50-80% compared to legacy network security monitoring tools

Understand and detect MITRE Caldera with Zeek®

Why NDR is essential to protecting your cloud workloads

Adventures in monitoring a hostile network: Black Hat Europe 2024

Thrown in the deep end: My first time hunting in the Black Hat NOC

Corelight and Microsoft: A smarter way to fight alert fatigue

Cooking up a year of faster, smarter, and tastier security

Corelight delivers static file analysis with YARA integration

How YARA rules can complement NDR for malware detection

Recent Posts

Sign up for our newsletter

Locations

1 (888) 547-9497

We're hiring!