          Incident Response

          Countering network resident threats

          Vendors often claim that their products or services counter, mitigate, or otherwise affect “nation state threats.” When I worked as a director of incident response at one company, and as a chief security officer at another, claims like these made no... Read more »

          A conversation with GE’s former CIO on three keys to CIRT success

          Earlier this month during Black Hat I had the good fortune to speak with Gary Reiner, a business leader for whom I have an immense amount of respect. Gary was the chief information officer (CIO) at General Electric (GE) for 20 years, and as such he... Read more »

          Don’t delay – Corelight today!

          Recently I heard that a company interested in Corelight was considering delaying their evaluation because of questions about SIEM technology. They currently have two SIEMs and are evaluating a third, possibly to replace the first two.... Read more »

          What did I just see? Detection, inference, and identification

          In the course of my network security monitoring work at Corelight, I’ve encountered the terms detection, inference, and identification. In this post I will examine what these terms mean, and how they can help you describe the work you do when... Read more »

          Bring Network Security Monitoring to the cloud with Corelight and Amazon VPC Traffic Mirroring

          Corelight Sensors transform network traffic into comprehensive logs, extracted files, and custom insights via Zeek, a powerful, open-source network security monitoring framework used by thousands of organizations worldwide to accelerate incident... Read more »

          Hello, my name is??

          Corelight just released our v17 software release and it’s packed with a number of cool new features including the Input Framework, Community ID, and MITRE’s BZAR collection of detections for lateral movement. Let me share a few details about how... Read more »

          Corelight + Chronicle Backstory: Technology integration brings all the right data at the right time for customers

          At the recent RSA Conference, Chronicle launched Backstory, a new security analytics platform, and we are pleased to share that Corelight is part of the Chronicle Index Partner program. Read more »

          Astronomers and Chemists

          Scale is a great word, because its meaning is truly in the eye of the beholder. To an astronomer, it might mean millions of light years. To a chemist, nanometers. In the network security monitoring (NSM) world, Corelight is enabling scale in two... Read more »

          Network Security Monitoring: Your best next move

          Welcome to the first in a regular series of blog posts on network security monitoring (NSM). Read more »

          Databricks + Corelight – A powerful combination for cybersecurity, incident response and threat hunting

          Incident response, threat hunting and cybersecurity in general rely on great data. Just like the rest of the world where virtually everything these days is data-driven, from self-driving cars to personalized medicine, effective security strategies... Read more »
