Corelight Bright Ideas Blog

The Verizon 2024 Data Breach Investigations Report found that system intrusion is the leading attack pattern for the third consecutive year, accounting for 36% of breaches. System intrusion largely consists of a threat actor using hacking techniques... Read more »

Introduction Over the past year, several sophisticated cyber-espionage campaigns have grabbed the attention of our industry and challenged defenders and vendors alike with advanced tactics, techniques, and procedures (TTPs). One of the most visible... Read more »

Another big day in the NOC Welcome to the Mandalay Bay Convention Center in Las Vegas. I've finished another morning shift in the Black Hat NOC, where the Corelight team has been working with the other NOC partners as part of our ongoing commitment... Read more »

Welcome to Corelight Labs' latest hunt! This blog continues our tradition of analyzing trending threat groups and TTPs on Any.Run and writing detectors for them, providing the community with open-source threat intelligence, and acting as a tutorial... Read more »

Security Operations Centers (SOCs) are under immense pressure to ensure no attack goes unnoticed. At Corelight, we’re being approached daily to help bring in network visibility. For many though, visibility isn’t enough. SOCs are already overloaded... Read more »

In today’s threat landscape, security teams face mounting challenges in maintaining a robust security posture. Legacy tools often fall short of defending against increasingly sophisticated adversaries, especially with the complexity of modern,... Read more »

Corelight has strengthened the Suricata integration within its Open NDR Platform, empowering customers with a custom ruleset, the Corelight Feed, designed to swiftly detect and help respond to emerging threats. With a new monthly update cycle,... Read more »

In the Black Hat Network Operations Center (NOC), the conference’s leadership team must assemble best-in-class technologies that complement each other to build and harden an enterprise-grade network in just a few days. Then, the NOC must... Read more »

At Corelight, we’re thrilled when a respected cybersecurity leader like Mandiant introduces a new offering based on our solution. This week, Mandiant Managed Defense unveiled support for Corelight Open NDR, a move that strengthens our existing... Read more »

Accelerate Your Hybrid Cloud Security with Corelight Open NDR, now in the VMware Marketplace Read more »