Corelight Bright Ideas Blog: NDR & Threat Hunting Blog

Corelight: #winning in Network Security

By Alan Saldich – March 4, 2019

2018 was undoubtedly a banner year for Corelight. We closed out 2018 with many successes under our belt that reflect the hard work of our people: We more than quadrupled our sales year-over-year and more than doubled our customer base and employee... Read more »

Astronomers and Chemists

By Brian Dye – February 27, 2019

Scale is a great word, because its meaning is truly in the eye of the beholder. To an astronomer, it might mean millions of light years. To a chemist, nanometers. In the network security monitoring (NSM) world, Corelight is enabling scale in two... Read more »

Network security monitoring is dead, and encryption killed it.

By Richard Bejtlich – January 28, 2019

This post is part of a multi-part series on encryption and network security monitoring. This post covers a brief history of encryption on the web and investigates the security analysis challenges that have developed as a result. I’ve been hearing... Read more »

Network Security Monitoring: Your best next move

By Richard Bejtlich – December 10, 2018

Welcome to the first in a regular series of blog posts on network security monitoring (NSM). Read more »

Log enrichment with DNS host names

By Christian Kreibich – October 24, 2018

One of the first tasks for any incident responder when looking at network logs is to figure out the host names that were associated with an IP address in prior network activity. With Corelight’s 1.15 release we help automate the process and I would... Read more »

Network security monitoring vs supply chain backdoors

By Richard Bejtlich – October 3, 2018

On October 4, 2018, Bloomberg published a story titled “The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies,” with a subtitle “The attack by Chinese spies reached almost 30 U.S. companies, including Amazon and Apple, by... Read more »

Corelight: a recipe I couldn’t refuse

By Joy Bonaguro – September 25, 2018

It’s hard to beat a mission like transforming government for the 21st Century. That’s what I’ve been doing for more or less my entire professional life. From building information systems in New Orleans both before and after Hurricane Katrina in 2005... Read more »

Twenty years of network security monitoring: from the AFCERT to Corelight

By Richard Bejtlich – September 10, 2018

I am really fired up to join Corelight. I’ve had to keep my involvement with the team a secret since officially starting on July 20th. Why was I so excited about this company? Let me step backwards to help explain my present situation, and forecast... Read more »

There’s more to Bro than great network data

By Vince Stoffer – September 5, 2018

Corelight recently released our 1.15 software update which includes some fantastic new features, including our first group of curated Bro Packages which we’re calling the “Core Collection.” In this blog post, I’ll tell you a bit more about how... Read more »

Corelight’s recent contributions to open-source Bro

By Robin Sommer – August 8, 2018

When we founded Corelight in 2013, one of our goals was to build an organization that could sustain open-source Bro development long term. At that time, the core team behind Bro was still funded primarily through grants from the National Science... Read more »