Corelight Bright Ideas Blog

Featured

The 7 sins killing your SOC efficacy (and why NDR is the cure)

Avoid the 7 deadly sins of Network Detection and Response (NDR). Learn why firewall logs, black-box AI, and alert fatigue are killing SOC efficiency.

Josh Porto Apr 30, 2026

Zeek

Focus Terrapin patching efforts with Zeek

Learn how Zeek’s metadata approach can help focus patching efforts for the SSH “Terrapin” attack.

Ben Reardon Mar 9, 2024

cybersecurity

Dual Defenses: 9 Reasons Why Open NDR Is Essential Alongside NGFW

Learn why adding Corelight to your cybersecurity arsenal, alongside existing NGFWs, is a strategic necessity.

Ed Smith Mar 1, 2024

cybersecurity

Inside the Mind of a Cybersecurity Threat Hunter Part 2: Identifying Persistence Techniques

Learn how threat hunters can identify MITRE ATT&CK persistence techniques.

Allen Marin Feb 26, 2024

network detection response

Dual Defenses: 10 Reasons Why NDR Is Essential Alongside EDR

Learn how the kill web concept can be applied to cybersecurity, and how it addresses some of the concerns with the kill chain.

Ed Smith Jan 10, 2024

NDR

How Corelight Uses AI to Empower SOC Teams

Learn how Corelight is using AI in its NDR products to help SOC teams be even more productive.

Vince Stoffer Nov 15, 2023

Zeek

Turning the tables on the infiltrator

Learn how the kill web concept can be applied to cybersecurity, and how it addresses some of the concerns with the kill chain.

Ben Reardon Oct 16, 2023

NDR

Black Hat NOC USA 2023: A tale of sharp needles in a stack of dull needles

Take a look at an incident we detected, investigated, triaged, and closed using Corelight at Black Hat Las Vegas 2023.

Ben Reardon Sep 15, 2023

command and control

How Does the Kill Chain Apply to Network-Derived Evidence?

This article proposes ways that modern network-derived evidence applies to the kill chain.

Richard Bejtlich Sep 12, 2023

cybersecurity

Detecting Storm-0558 using Corelight evidence

Learn how to leverage Corelight evidence to detect and analyze activity related to Storm-0558.

Chris Brown Aug 2, 2023

< 1 2 3 ... 10 11 12 >

Corelight announces cloud enrichment for AWS, GCP, and Azure

The Corelight Partner Program

Network Detection & Response

Corelight Bright Ideas Blog

The 7 sins killing your SOC efficacy (and why NDR is the cure)

Focus Terrapin patching efforts with Zeek

Dual Defenses: 9 Reasons Why Open NDR Is Essential Alongside NGFW

Inside the Mind of a Cybersecurity Threat Hunter Part 2: Identifying Persistence Techniques

Dual Defenses: 10 Reasons Why NDR Is Essential Alongside EDR

How Corelight Uses AI to Empower SOC Teams

Turning the tables on the infiltrator

Black Hat NOC USA 2023: A tale of sharp needles in a stack of dull needles

How Does the Kill Chain Apply to Network-Derived Evidence?

Detecting Storm-0558 using Corelight evidence

Have questions?

Sign up for our newsletter

We’re hiring!

Get in touch