TALK TO AN EXPERT
ad-images-nav_0001_SANs thumb

SANS Protects: The Network

DOWNLOAD WHITE PAPER

ad-images-nav_0009_Threat-hunting-guide

Threat hunting guide

GET THE GUIDE

ad-images-nav_0013_IDS

Alerts, meet evidence.

LEARN MORE ABOUT OUR IDS SOLUTION

ad-images-nav_white-paper

5 Ways Corelight Data Helps Investigators Win

READ WHITE PAPER

ad-images-nav_0000_Thinking-like-a-threat-actor

Thinking like a Threat Actor: Hunting the Ghost in the Machine

WATCH THE WEBCAST

ad-images-nav_0006_Blog

Don't trust. Verify with evidence

READ BLOG

ad-nav-NDR-for-dummies

NDR for Dummies

GET THE WHITE PAPER

ad-nav-video

The Power of Open-Source Tools for Network Detection and Response

WATCH THE WEBCAST

ad-nav-ESG

The Evolving Role of NDR

DOWNLOAD THE REPORT

ad-images-nav_0006_Blog

Detecting 5 Current APTs without heavy lifting

READ BLOG

Corelight Bright Ideas Blog

Ids

Replace IDS and extend entity visibility

Replace IDS and extend entity visibility

Today, as a part of our v27 software release, we are launching enhanced IDS rules management functionality, extending analyst visibility around hosts, devices, users, and more, and upgrading the Corelight Software Sensor to give customers more NDR... Read more »

Explore Corelight evidence in Humio Community Edition

Now available: A free and easy way to learn about Humio and Corelight. Read more »

Situational awareness for CISA FECB playbooks

CISA recently released a set of playbooks for the Federal Civilian Executive Branch (FCEB) to provide improved cybersecurity incident response (IR) and vulnerability response. As was demonstrated by the SolarWinds SUNBURST attack in December 2020,... Read more »

Maximize your Splunk ES investment with Corelight

Maximize your Splunk ES investment with Corelight

Are you looking to threat hunt but lack sufficient network and IDS data? Have you tried to accelerate your incident response process with better data, but run into dead ends that require data scientists or significant data model modification? Maybe... Read more »

Getting the most out of your NIDS

Network Intrusion Detection Systems (NIDS) are widely deployed by the most sophisticated blue teams in the world. For well-funded organizations, there is little question about the value of NIDS, but adoption is not uniform across the entire... Read more »

Is IPS a feature or a product?

This post is a departure from previous editions. It is inspired by discussions I’ve had recently with a few different online and in-person communities. I will present my view on the topic, but I’m more interested in hearing what readers think! Read more »

Corelight: a recipe I couldn’t refuse

It’s hard to beat a mission like transforming government for the 21st Century. That’s what I’ve been doing for more or less my entire professional life. From building information systems in New Orleans both before and after Hurricane Katrina in 2005... Read more »

What’s the riskiest part of your Bro deployment? It may be you.

Don’t overlook the obvious: the answer may be you Let me explain, because I’ve watched the following story unfold many times.  A curious person gets super excited about Bro, deploys it widely in their organization, and makes a big impact on the... Read more »

Search

    Recent Posts