Corelight Bright Ideas Blog

Featured

Strengthening modern detection with Open NDR and integrated threat intelligence

Discover what defending the Black Hat NOC taught me about using Model Context Protocol (MCP) to build an agentic SOC and accelerate threat hunting.

Allen Marin Jun 26, 2026

All
Zeek
featured
Network Security Monitoring
network security
NDR
Corelight
network detection response
SOC
cybersecurity
network traffic analysis
Bro
network visibility
Corelight Labs
threat hunting
Richard Bejtlich
SIEM
Product
open source
Announcements
Suricata
Splunk
BlackHat
Corelight Sensor
DNS
Industry
PCAP
TLS
open source community
NSM
Partnership
HTTP
MITRE ATT&CK
GitHub
Incident response
Zeek Logs
encrypted traffic
network evidence
SSH
microsoft
encrypted traffic collection
threat hunter
Crowdstrike
AI
Detection
JSON
command and control
encryption
ja3
AWS
HTTPS

Zeek

IoT/OT/ICS threats: Detecting vulnerable Boa web servers

Corelight Labs installed the last version of Boa in a lab environment and released a Zeek package to identify machines running a vulnerable Boa web...

Corelight Labs Team Nov 30, 2022

Corelight announces cloud enrichment for AWS, GCP, and Azure

The Corelight Partner Program

Network Detection & Response

Corelight Bright Ideas Blog

Strengthening modern detection with Open NDR and integrated threat intelligence

IoT/OT/ICS threats: Detecting vulnerable Boa web servers

Have questions?

Sign up for our newsletter

We’re hiring!

Get in touch