Corelight Bright Ideas Blog

Featured

Modernize threat detection and SOC efficiency with integrated Corelight Threat Intelligence

Enhanced anomaly detection and east-west visibility improve evasive threat detection, reduce false positives, and help SOC teams focus on critical...

Allen Marin Oct 30, 2025

Application Layer Infrastructure Visibility in IaaS

Application layer infrastructure visibility in IaaS using a recent Log4Shell example.

Ricky Lin Feb 10, 2022

network detection response

Detecting Log4j exploits via Zeek when Java downloads Java

The blog covers a third log4j detection method, this one focused on the second-stage download that happens after the first stage completes.

Corelight Labs Team Dec 18, 2021

network detection response

Detecting Log4j via Zeek & LDAP traffic

We recently discussed some methods for detecting the Log4j exploit, and we’ve developed another method that one running Zeek® or a Corelight sensor...

Corelight Labs Team Dec 17, 2021

Zeek

Finding Very Damaging Needles in Very Large Haystacks

In previous projects, I’ve tackled some needle-in-haystack problems. From these efforts, several high-level themes have emerged.

Vern Paxson Sep 26, 2017

Corelight announces cloud enrichment for AWS, GCP, and Azure

The Corelight Partner Program

10 considerations for implementing an XDR strategy

Don't trust. Verify with evidence

Network Detection & Response

Corelight Bright Ideas Blog

Modernize threat detection and SOC efficiency with integrated Corelight Threat Intelligence

Application Layer Infrastructure Visibility in IaaS

Detecting Log4j exploits via Zeek when Java downloads Java

Detecting Log4j via Zeek & LDAP traffic

Finding Very Damaging Needles in Very Large Haystacks

Have questions?

Sign up for our newsletter

We’re hiring!