Corelight Bright Ideas Blog

Featured Post

May 29, 2025

Corelight Recognized as a Leader in the 2025 Gartner® Magic Quadrant™ for Network Detection and Response

Network Detection and Response (NDR) has emerged as a must-have capability of modern security operations (SecOps). NDR provides deep visibility, detection of advanced threats that evade other security tools, and rapid response capabilities to address the SecOps challenges of incomplete visibility, detection gaps, high SIEM and storage costs, and... Read more »

Additional Posts

Expand visibility around authentication and application anomalies with Corelight’s new LDAP analyzer

By Vince Stoffer – March 20, 2023

Comprehensive visibility into network protocols is a hallmark of Zeek (and therefore Corelight) data. That's why we are very happy to announce that with our v27.2 release we are supporting a new analyzer for the LDAP protocol. You likely know LDAP... Read more »

Corelight Investigator introduces new Machine Learning Models

By Sara Shuman – January 31, 2023

Corelight Investigator furthers its commitment to delivering next-level analytics through the expansion of its machine learning models. Security teams are now enabled with additional supervised and deep learning models, including: Read more »

Corelight for the everywhere cloud

By Ed Amoroso, founder and CEO of TAG Cyber (guest) – January 17, 2023

Editor's note: This is the first in five-part series authored by Ed Amoroso, founder and CEO of TAG Cyber, which will focuses on how the Corelight platform reduces network security risks to the so-called Everywhere Cloud (EC). Such security... Read more »

Corelight launches the Entity Collection

By Vince Stoffer – December 13, 2022

Corelight Labs, our amazing research team, has been hard at work on another content collection which we are excited to introduce: the Corelight Entity Collection. Read more »

Replace IDS and extend entity visibility

By John Gamble – December 8, 2022

Today, as a part of our v27 software release, we are launching enhanced IDS rules management functionality, extending analyst visibility around hosts, devices, users, and more, and upgrading the Corelight Software Sensor to give customers more NDR... Read more »

Zeek on Windows

By Tim Wojtulewicz – December 5, 2022

Editor's note: This post was originally published on the Zeek.org blog on Nov. 28, 2022. Reposted here in full with permission as a courtesy. Read more »

IoT/OT/ICS threats: Detecting vulnerable Boa web servers

By Corelight Labs Team – November 30, 2022

Editor's note: This blog post was updated on 12/1/22 to add the "Update 12/1/22" and corresponding paragraph added to the end of the blog post. On Nov. 22, 2022 Microsoft announced research findings about an ongoing supply chain attack against IoT... Read more »

Detecting 5 current APTs without heavy lifting

By Corelight Labs Team – November 8, 2022

The Corelight Labs team prides itself on the ability to create novel Zeek and Suricata detection content that delves deep into packet streams by leveraging the full power of these tools. However this level of additional sophistication is not always... Read more »

New position brings new open source opportunities

By Kelley Misata – October 12, 2022

Today marks the start of ZeekWeek, the annual conference for information technologists who rely on the Zeek® network for security monitoring. Read more »

BOD 23-01: Better visibility to reduce risk

By Jean Schaffer – October 10, 2022

“Knowing what’s on your network is the first step for any organization to reduce risk.” Read more »

Load Older Posts