Bright Ideas Blog

Incident Response

Corelight Investigator accelerates threat hunting

Corelight Investigator accelerates threat hunting

This morning we announced Corelight Investigator, an open NDR platform that enables security teams with the next-level evidence they need to disrupt attacks and accelerate threat hunting through an easy-to-use, quick-to-deploy SaaS solution.  Read more »

Deeper visibility into Kubernetes environments with network monitoring

Editor’s note: This is the first in a series of posts we have planned over the next several weeks. We will explore topics such as network monitoring in Kubernetes, using sidecars to sniff and tunnel traffic, show a real-world example of detecting... Read more »

Countering network resident threats

Vendors often claim that their products or services counter, mitigate, or otherwise affect “nation state threats.” When I worked as a director of incident response at one company, and as a chief security officer at another, claims like these made no... Read more »

A conversation with GE’s former CIO on three keys to CIRT success

Earlier this month during Black Hat I had the good fortune to speak with Gary Reiner, a business leader for whom I have an immense amount of respect. Gary was the chief information officer (CIO) at General Electric (GE) for 20 years, and as such he... Read more »

Don’t delay – Corelight today!

Introduction Recently I heard that a company interested in Corelight was considering delaying their evaluation because of questions about SIEM technology. They currently have two SIEMs and are evaluating a third, possibly to replace the first two.... Read more »

What did I just see? Detection, inference, and identification

In the course of my network security monitoring work at Corelight, I’ve encountered the terms  detection, inference, and identification. In this post I will examine what these terms mean, and how they can help you describe the work you do when... Read more »

Bring Network Security Monitoring to the cloud with Corelight and Amazon VPC Traffic Mirroring

Corelight Sensors transform network traffic into comprehensive logs, extracted files, and custom insights via Zeek, a powerful, open-source network security monitoring framework used by thousands of organizations worldwide to accelerate incident... Read more »

Hello, my name is??

Corelight just released our v17 software release and it’s packed with a number of cool new features including the Input Framework, Community ID, and MITRE’s BZAR collection of detections for lateral movement. Let me share a few details about how... Read more »

Corelight + Chronicle Backstory: Technology integration brings all the right data at the right time for customers

At the recent RSA Conference, Chronicle launched Backstory, a new security analytics platform, and we are pleased to share that Corelight is part of the Chronicle Index Partner program. Read more »

Astronomers and Chemists

Scale is a great word, because its meaning is truly in the eye of the beholder.  To an astronomer, it might mean millions of light years. To a chemist, nanometers.  In the network security monitoring (NSM) world, Corelight is enabling scale in two... Read more »

Search

    Recent Posts