Corelight Bright Ideas Blog

Featured

Inside the mind of a cybersecurity threat hunter part 3: hunting for adversaries moving inside your network

Learn how to use Corelight’s rich network telemetry in CrowdStrike’s Next-Gen SIEM to expose defense evasion and lateral movement inside your network.

Allen Marin Dec 22, 2025

network traffic analysis

Black Hat NOC: Findings from Europe & thoughts for Asia 2024

See how we used Corelight's Open NDR platform to take an evidence-based security approach at Blackhat Europe 2023.

Dustin Lee Apr 5, 2024

malware

Hunt of the Month: Detecting AsyncRAT Malware Over HTTPS

Corelight Labs Team Mar 20, 2024

Zeek

Focus Terrapin patching efforts with Zeek

Learn how Zeek’s metadata approach can help focus patching efforts for the SSH “Terrapin” attack.

Ben Reardon Mar 9, 2024

cybersecurity

Dual Defenses: 9 Reasons Why Open NDR Is Essential Alongside NGFW

Learn why adding Corelight to your cybersecurity arsenal, alongside existing NGFWs, is a strategic necessity.

Ed Smith Mar 1, 2024

cybersecurity

Inside the Mind of a Cybersecurity Threat Hunter Part 2: Identifying Persistence Techniques

Learn how threat hunters can identify MITRE ATT&CK persistence techniques.

Allen Marin Feb 26, 2024

network detection response

Dual Defenses: 10 Reasons Why NDR Is Essential Alongside EDR

Learn how the kill web concept can be applied to cybersecurity, and how it addresses some of the concerns with the kill chain.

Ed Smith Jan 10, 2024

NDR

Black Hat NOC USA 2023: Leveraging Corelight’s Open NDR Platform for Network Operations (NetOps)

Recapping our learnings from being in the Black Hat NOC at Black Hat USA 2023

Eldon Koyle Dec 4, 2023

SOC

Inside the Mind of a Cybersecurity Threat Hunter Part 1: Confronting Initial Access Techniques

Learn how Corelight’s integration with CrowdStrike helps threat hunters detect signs of Initial Access, one of the tactics and techniques outlined in...

Allen Marin Nov 27, 2023

NDR