CONTACT US
CONTACT US

START HERE

Evidence-based security

 

WHY CORELIGHT

Complete visibility

Next-level analytics

Faster investigation

Expert hunting

    CORELIGHT LABS

    Recent research

    Mission and team

    Insights

    Polaris program

      TRENDING TOPICS

      Encrypted traffic

       

      VERTICALS

      Federal
        ad-images-nav_0001_SANs thumb

        SANS Protects: The Network

        DOWNLOAD WHITE PAPER

        ad-images-nav_0009_Threat-hunting-guide

        Threat hunting guide

        GET THE GUIDE

        OVERVIEW

        Open NDR Platform

        Analytics & detections

         

        PRODUCTS

        Zeek®-based evidence

        IDS

        Smart PCAP

        Investigator

          SENSORS

          Appliances

          Cloud

          Software

          Virtual

          Fleet Manager

          View all products

            SERVICES

            Training

             

            ALLIANCES

            CrowdStrike

            Mandiant

            Microsoft

            Splunk

            View all

             

            USE CASES

            Case Studies

            View all
              ad-nav-crowdstrike

              Corelight now powers CrowdStrike solutions and services

              READ MORE

              ad-images-nav_0013_IDS

              Alerts, meet evidence.

              LEARN MORE ABOUT OUR IDS SOLUTION

              ad-images-nav_white-paper

              5 Ways Corelight Data Helps Investigators Win

              READ WHITE PAPER

              BLOG

              Read the latest

               

              EVENTS

              Meet with us

               

              DEMOS

              Get a demo

                GLOSSARY

                IDS False Positive

                NDR vs. XDR vs. EDR

                What is Digital Forensics & Incident Response (DFIR)?

                What Is an Intrusion Detection System (IDS)?

                What Is NDR (Network Detection & Response)?

                What Is Packet Capture (PCAP)?

                What Is Signature-Based Detection?
                    ad-images-nav_0000_Thinking-like-a-threat-actor

                    Thinking like a Threat Actor: Hunting the Ghost in the Machine

                    WATCH THE WEBCAST

                    ad-images-nav_0006_Blog

                    Don't trust. Verify with evidence

                    READ BLOG

                    ABOUT US

                    About Corelight

                    Careers

                    Leadership

                    Investors

                    Newsroom

                    Apex Awards

                      CHANNEL PARTNERS

                      Partner Program

                      Deal registration

                      Partner Academy

                      Become a Partner
                          ad-nav-NDR-for-dummies

                          NDR for Dummies

                          GET THE WHITE PAPER

                          Screenshot 2023-05-15 at 12.25.41 PM

                          The Power of Open-Source Tools for Network Detection and Response

                          WATCH THE WEBCAST

                          ad-nav-ESG

                          The Evolving Role of NDR

                          DOWNLOAD THE REPORT

                          SUPPORT SERVICES

                          Open a ticket

                          Account login

                          Technical bulletins

                          Report a security vulnerability

                            WORLD-CLASS SUPPORT

                            Support overview
                                ad-images-nav_0006_Blog

                                Detecting 5 Current APTs without heavy lifting

                                READ BLOG

                                Corelight Bright Ideas Blog

                                Ids

                                Replace IDS and extend entity visibility

                                Replace IDS and extend entity visibility

                                By John Gamble – December 8, 2022

                                Today, as a part of our v27 software release, we are launching enhanced IDS rules management functionality, extending analyst visibility around hosts, devices, users, and more, and upgrading the Corelight Software Sensor to give customers more NDR... Read more »

                                Explore Corelight evidence in Humio Community Edition

                                By Ed Smith – April 19, 2022

                                Now available: A free and easy way to learn about Humio and Corelight. Read more »

                                Situational awareness for CISA FECB playbooks

                                By Jean Schaffer – November 30, 2021

                                CISA recently released a set of playbooks for the Federal Civilian Executive Branch (FCEB) to provide improved cybersecurity incident response (IR) and vulnerability response. As was demonstrated by the SolarWinds SUNBURST attack in December 2020,... Read more »

                                Maximize your Splunk ES investment with Corelight

                                Maximize your Splunk ES investment with Corelight

                                By Roger Cheeks – March 16, 2021

                                Are you looking to threat hunt but lack sufficient network and IDS data? Have you tried to accelerate your incident response process with better data, but run into dead ends that require data scientists or significant data model modification? Maybe... Read more »

                                Getting the most out of your NIDS

                                By Jon Natkins – March 7, 2021

                                Network Intrusion Detection Systems (NIDS) are widely deployed by the most sophisticated blue teams in the world. For well-funded organizations, there is little question about the value of NIDS, but adoption is not uniform across the entire... Read more »

                                Is IPS a feature or a product?

                                By Richard Bejtlich – April 1, 2019

                                This post is a departure from previous editions. It is inspired by discussions I’ve had recently with a few different online and in-person communities. I will present my view on the topic, but I’m more interested in hearing what readers think! Read more »

                                Corelight: a recipe I couldn’t refuse

                                By Joy Bonaguro – September 25, 2018

                                It’s hard to beat a mission like transforming government for the 21st Century. That’s what I’ve been doing for more or less my entire professional life. From building information systems in New Orleans both before and after Hurricane Katrina in 2005... Read more »

                                What’s the riskiest part of your Bro deployment? It may be you.

                                By Seth Hall – August 15, 2017

                                Don’t overlook the obvious: the answer may be you Let me explain, because I’ve watched the following story unfold many times.  A curious person gets super excited about Bro, deploys it widely in their organization, and makes a big impact on the... Read more »

                                Search

                                  Recent Posts

                                  Categories

                                  See all

                                  Archives

                                  See all

                                  Authors

                                  See all