Corelight Bright Ideas Blog: NDR & Threat Hunting Blog

Dual Defenses: 10 Reasons Why NDR Is Essential Alongside EDR

By Ed Smith – January 10, 2024

Over the last few years, the evolution of cybersecurity strategies has seen a significant shift toward a more layered, nuanced, and, in many cases, advanced approach. Among these advancements, Network Detection and Response (NDR) has emerged as a... Read more »

Situational awareness for CISA FECB playbooks

By Jean Schaffer – November 30, 2021

CISA recently released a set of playbooks for the Federal Civilian Executive Branch (FCEB) to provide improved cybersecurity incident response (IR) and vulnerability response. As was demonstrated by the SolarWinds SUNBURST attack in December 2020,... Read more »

CrowdStrike + Corelight partner to reach new heights

By Lana Knop – April 21, 2021

Through our newly announced partnership with CrowdStrike, Corelight customers will be able to incorporate CrowdStrike’s best-in-class threat intelligence into Corelight Sensors to generate actionable alerts and network evidence. In addition, by... Read more »

Corelight Splunk App update: New dashboard and data

By Roger Cheeks – July 19, 2020

In support of Corelight’s latest software release, v19, we are pleased to launch our newest installment of the Corelight App for Splunk (Corelight App) and the Corelight Technical Add-on (TA). Both software packages are available on Splunkbase. The... Read more »

Network Security Monitoring data: Types I, II, and III

By Richard Bejtlich – July 7, 2020

Some critics claim that ever growing encryption renders network security monitoring useless. This opinion is based on a dated understanding of the types and values of data collected and analyzed by computer incident response teams (CIRTs) that... Read more »