Corelight Bright Ideas Blog

The cybersecurity landscape is evolving, and Network Detection and Response (NDR) solutions are becoming indispensable for consistent visibility across an increasing attack surface. In the Competitive Landscape for NDR research, Gartner® claims that... Read more »

Zero Trust…but Verify The Black Hat network is unlike an enterprise network. The network operations center (NOC), which Corelight helps to operate, sees traffic that would never be permissible on most enterprise networks. Still, in many ways the... Read more »

Welcome to the latest from Corelight Labs! This blog continues our tradition of picking a popular malware family from Any.Run and writing a detector for it! Trending consistently at #1 on Any.Run’s malware trends list, Agent Tesla uses multiple... Read more »

Fresh from the recent .conf24 user conference in fabulous Las Vegas, I thought I’d share what I thought were some of the key points throughout the week. Read more »

We are excited to announce a significant enhancement to our Entity Enrichment integration with CrowdStrike Falcon: the 1-Click Response action. This new feature empowers SOC analysts to isolate a host directly from Corelight Investigator, leveraging... Read more »

Introduction In this edition of Corelight’s Hunt of the Month blog, we bring you a STRRAT malware detector. In recent months STRRAT has become one of the top malware families submitted to Any.Run’s malware sandbox: Read more »

For years, the mantra for achieving visibility into potential threats has been the trio of EDR, NDR, and SIEM. These components form the foundation of a robust security posture, with EDR and NDR offering the depth and breadth needed to monitor... Read more »

The big idea behind Corelight has always been simple: ground truth is priceless. What really happened, both now and looking back in time. Whether it is used to detect attacks, investigate routine alerts, respond to new vulnerabilities or a full... Read more »