Corelight Bright Ideas Blog

Featured

Modernize threat detection and SOC efficiency with integrated Corelight Threat Intelligence

Enhanced anomaly detection and east-west visibility improve evasive threat detection, reduce false positives, and help SOC teams focus on critical...

Allen Marin Oct 30, 2025

Zeek

Detecting CVE-2022-23270 in PPTP

In this post Corelight Labs reviewed a proof of concept exploit for this vulnerability and wrote a Zeek-based detection for it.

Corelight Labs Team May 26, 2022

Zeek

Detecting CVE-2022-26937 with Zeek

This post shows how a Microsoft NFS exploit (CVE-2022-26937) can be detected using Zeek.

Corelight Labs Team May 26, 2022

Zeek

Another day, another DCE/RPC RCE

The Corelight Labs team investigates CVE-2022-26809 and open-sources a Zeek package that detects attempts and successful exploitation in unencrypted...

Corelight Labs Team May 17, 2022

Corelight Labs

Detecting Windows NFS Portmap vulnerabilities

This blog post discusses Zeek detection packages for CVE-2022-24491 and CVE-2022-24497 developed by Corelight Labs.

Corelight Labs Team Apr 21, 2022

Zeek

Detecting CVE-2021-42292

Learn how to detect the CVE-2021-42292 exploit, which relies on Excel fetching a second Excel file, through behavioral tricks.

Corelight Labs Team Nov 10, 2021

Corelight announces cloud enrichment for AWS, GCP, and Azure

The Corelight Partner Program

10 considerations for implementing an XDR strategy

Don't trust. Verify with evidence

Network Detection & Response

Corelight Bright Ideas Blog

Modernize threat detection and SOC efficiency with integrated Corelight Threat Intelligence

Detecting CVE-2022-23270 in PPTP

Detecting CVE-2022-26937 with Zeek

Another day, another DCE/RPC RCE

Detecting Windows NFS Portmap vulnerabilities

Detecting CVE-2021-42292

Have questions?

Sign up for our newsletter

We’re hiring!