Corelight Bright Ideas Blog

Featured

Corelight at SC25: A laboratory for securing the fastest conference network

Defending the SCinet network is critical work. See how we handled orders of magnitude more traffic using Corelight’s Open NDR Platform.

Mark Overholser Feb 17, 2026

cybersecurity

Inside the Mind of a Cybersecurity Threat Hunter Part 2: Identifying Persistence Techniques

Learn how threat hunters can identify MITRE ATT&CK persistence techniques.

Allen Marin Feb 26, 2024

network detection response

Dual Defenses: 10 Reasons Why NDR Is Essential Alongside EDR

Learn how the kill web concept can be applied to cybersecurity, and how it addresses some of the concerns with the kill chain.

Ed Smith Jan 10, 2024

NDR

How Corelight Uses AI to Empower SOC Teams

Learn how Corelight is using AI in its NDR products to help SOC teams be even more productive.

Vince Stoffer Nov 15, 2023

Zeek

Turning the tables on the infiltrator

Learn how the kill web concept can be applied to cybersecurity, and how it addresses some of the concerns with the kill chain.

Ben Reardon Oct 16, 2023

NDR

Black Hat NOC USA 2023: A tale of sharp needles in a stack of dull needles

Take a look at an incident we detected, investigated, triaged, and closed using Corelight at Black Hat Las Vegas 2023.

Ben Reardon Sep 15, 2023

command and control

How Does the Kill Chain Apply to Network-Derived Evidence?

This article proposes ways that modern network-derived evidence applies to the kill chain.

Richard Bejtlich Sep 12, 2023

cybersecurity

Detecting Storm-0558 using Corelight evidence

Learn how to leverage Corelight evidence to detect and analyze activity related to Storm-0558.

Chris Brown Aug 2, 2023

SOC

Lessons Learned Deploying Corelight in the Black Hat Asia NOC

Black Hat Asia 2023 NOC: Lessons in Deploying Corelight

Dustin Lee Jun 12, 2023

Network Security Monitoring

Corelight launches the Entity Collection

Corelight Entity Collection, now available in v26 software release, features 3 new packages: Known Entities, Application Identification and Local...

Vince Stoffer Dec 13, 2022

< 1 2 3 ... 9 10 >

Corelight announces cloud enrichment for AWS, GCP, and Azure

The Corelight Partner Program

Network Detection & Response