Corelight Bright Ideas Blog: NDR & Threat Hunting Blog

Streamlining security investigations with real-time enrichment of Corelight Open NDR and SentinelOne Singularity

By Allen Marin – October 15, 2024

In today’s threat landscape, security teams face mounting challenges in maintaining a robust security posture. Legacy tools often fall short of defending against increasingly sophisticated adversaries, especially with the complexity of modern,... Read more »

Feed me!

By Vince Stoffer – September 25, 2024

Corelight has strengthened the Suricata integration within its Open NDR Platform, empowering customers with a custom ruleset, the Corelight Feed, designed to swiftly detect and help respond to emerging threats. With a new monthly update cycle,... Read more »

Want better network visibility? Don't just go with the (net)flow

By Mark Overholser – September 23, 2024

In the Black Hat Network Operations Center (NOC), the conference’s leadership team must assemble best-in-class technologies that complement each other to build and harden an enterprise-grade network in just a few days. Then, the NOC must... Read more »

Stronger Security with Corelight and Mandiant Managed Defense

By Allen Marin – September 18, 2024

At Corelight, we’re thrilled when a respected cybersecurity leader like Mandiant introduces a new offering based on our solution. This week, Mandiant Managed Defense unveiled support for Corelight Open NDR, a move that strengthens our existing... Read more »

Corelight Open NDR Achieves VMware Ready for Telco Cloud Infrastructure Certification

By Lisa Karas – September 17, 2024

Accelerate Your Hybrid Cloud Security with Corelight Open NDR, now in the VMware Marketplace Read more »

Detecting Abuse of NetSupport Manager

By Corelight Labs Team – September 11, 2024

Welcome to the latest hunt from Corelight Labs! This blog continues our tradition of analyzing trending TTPs on Any.Run and writing detectors for them. Read more »

Understanding the Latest Threat Landscape: Insights from Mandiant M-Trends

By Allen Marin – July 18, 2024

In the constantly evolving world of cybersecurity, staying ahead of emerging threats requires continuous vigilance and adaptation. Fortunately for those of us in the industry, we’ve been able to count on highly respected digital forensics and... Read more »

Corelight recognized for SaaS and Cloud Identity Applications Security in the Gartner Competitive Landscape Report*

By Alyssa Ideboen – July 18, 2024

The cybersecurity landscape is evolving, and Network Detection and Response (NDR) solutions are becoming indispensable for consistent visibility across an increasing attack surface. In the Competitive Landscape for NDR research, Gartner® claims that... Read more »

Black Hat NOC: Zero Trust…but Verify | Corelight

By Mark Overholser – July 8, 2024

Zero Trust…but Verify The Black Hat network is unlike an enterprise network. The network operations center (NOC), which Corelight helps to operate, sees traffic that would never be permissible on most enterprise networks. Still, in many ways the... Read more »

Detecting The Agent Tesla Malware Family

By Keith J. Jones – July 2, 2024

Welcome to the latest from Corelight Labs! This blog continues our tradition of picking a popular malware family from Any.Run and writing a detector for it! Trending consistently at #1 on Any.Run’s malware trends list, Agent Tesla uses multiple... Read more »