Corelight Bright Ideas Blog

Featured

How to React(.js) to React2Shell and detecting behaviors to catch the Next(.js) big RCE

Ground your defense against React2Shell in verifiable network evidence. Deploy high-fidelity Suricata detections to spot unauthenticated remote code...

David Burkett Dec 6, 2025

A few notes from a CISA anger translator

CISA is trying to shake us all into action, but you have to go hunting for themes. Let's connect some dots across this year's advisories.

Brian Dye Aug 8, 2024

network security

Corelight Announces Cloud Enrichment for AWS, GCP, and Azure

A growing number of defenders use two SIEMs. This post explores why and whether XDR platforms will evolve to to become full threat hunting solutions.

Todd Morneau Aug 6, 2024

network detection response

Enhancing Incident Response with 1-Click Entity Isolation

This new feature empowers SOC analysts to isolate a host directly from Corelight Investigator.

Sahidya Devadoss May 29, 2024

cybersecurity

Next-Generation SIEM: Corelight is the Data of Choice

Learn how Zeek’s metadata approach can help focus patching efforts for the SSH “Terrapin” attack.

Todd Wingler May 7, 2024

network traffic analysis

Black Hat NOC: Findings from Europe & thoughts for Asia 2024

See how we used Corelight's Open NDR platform to take an evidence-based security approach at Blackhat Europe 2023.

Dustin Lee Apr 5, 2024

Zeek

Focus Terrapin patching efforts with Zeek

Learn how Zeek’s metadata approach can help focus patching efforts for the SSH “Terrapin” attack.

Ben Reardon Mar 9, 2024

cybersecurity

Dual Defenses: 9 Reasons Why Open NDR Is Essential Alongside NGFW

Learn why adding Corelight to your cybersecurity arsenal, alongside existing NGFWs, is a strategic necessity.

Ed Smith Mar 1, 2024

cybersecurity

Inside the Mind of a Cybersecurity Threat Hunter Part 2: Identifying Persistence Techniques

Learn how threat hunters can identify MITRE ATT&CK persistence techniques.

Allen Marin Feb 26, 2024

network traffic analysis

Detections and Findings using Corelight in the Black Hat Asia NOC

Learn about detections and findings from the network operations center (NOC) at Black Hat Asia 2023.

Dustin Lee Aug 4, 2023

< 1 2 3 5 6 >

Corelight announces cloud enrichment for AWS, GCP, and Azure

The Corelight Partner Program

10 considerations for implementing an XDR strategy

Don't trust. Verify with evidence

Network Detection & Response

Corelight Bright Ideas Blog

How to React(.js) to React2Shell and detecting behaviors to catch the Next(.js) big RCE

A few notes from a CISA anger translator

Corelight Announces Cloud Enrichment for AWS, GCP, and Azure

Enhancing Incident Response with 1-Click Entity Isolation

Next-Generation SIEM: Corelight is the Data of Choice

Black Hat NOC: Findings from Europe & thoughts for Asia 2024

Focus Terrapin patching efforts with Zeek

Dual Defenses: 9 Reasons Why Open NDR Is Essential Alongside NGFW

Inside the Mind of a Cybersecurity Threat Hunter Part 2: Identifying Persistence Techniques

Detections and Findings using Corelight in the Black Hat Asia NOC

Have questions?

Sign up for our newsletter

We’re hiring!