Corelight Recognized as a Leader in the 2025 Gartner® Magic Quadrant™ for Network Detection and Response

Corelight Recognized as a Leader in the 2025 Gartner® Magic Quadrant™ for Network Detection and Response

CONTACT US
Download our free guide to find hidden attackers.

Find hidden attackers with Open NDR

SEE HOW

volt-typhoon-warning

Detect advanced attacks with Corelight

SEE HOW

cloud-network

Corelight announces cloud enrichment for AWS, GCP, and Azure

READ MORE

partner-icon-green

Corelight's partner program

BECOME A PARTNER

glossary-icon

10 Considerations for Implementing an XDR Strategy

READ NOW

ad-images-nav_0006_Blog

Don't trust. Verify with evidence

READ BLOG

video

The Power of Open-Source Tools for Network Detection and Response

WATCH THE WEBCAST

ad-nav-ESG

The Evolving Role of NDR

DOWNLOAD THE REPORT

ad-images-nav_0006_Blog

Detecting 5 Current APTs without heavy lifting

READ BLOG

g2-medal-best-support-spring-2024

Network Detection and Response

SUPPORT OVERVIEW

 

Network Detection Response

How to threat hunt for Volt Typhoon using NDR

Whether they use custom implants for persistence, zero days for initial access, or live off the land (LOTL) to avoid detection, finding a state-sponsored adversary group can be a challenging proposition for defenders. This can be particularly true... Read more »

Leveraging map-reduce and LLMs for enhanced cybersecurity network detection

In my security research role at Corelight, I often have to go through large, complex data sets to detect subtle anomalies and threats. It reminds me of a famous quote by Abraham Lincoln: Read more »

How metadata wrestled control of FINRA’s colossal data archiving requirements

The financial industry is known for its rigorous and sometimes quirky data retention requirements that can challenge even the most seasoned security expert. Read more »

Quick FIX® log management: How metadata simplifies financial protocol tracking (and how Corelight’s platform can help)

Financial institutions, such as banks and trading houses, have a strong interest in recording key transaction activity within their networks. In the face of daunting data storage requirements, many are finding that Corelight’s network... Read more »

For Science! – Threat hunting with SCinet at SC24

Introduction In November 2024, I participated in SCinet with the Network Security team at SC24. My job was supporting Corelight sensors and threat hunting using the data the sensors produced. Read more »

Running DeepSeek AI privately using open-source software

Introduction Zeek® is a powerful open-source network analysis tool that allows users to monitor traffic and detect malicious activities. Users can write packages to detect cybersecurity events, like this GitHub repo that detects C2 from AgentTesla... Read more »

Corelight delivers data aggregation to reduce SIEM ingest by 50-80% compared to legacy network security monitoring tools

According to Forrester Research, “How do we reduce our SIEM ingest costs?” is one of the top inquiries they receive from clients. Many security organizations rely on SIEMs for their detection, investigation, and response workflows, ingesting... Read more »

Understand and detect MITRE Caldera with Zeek®

What is MITRE Caldera? MITRE’s Caldera is a cybersecurity platform developed to simulate adversarial tactics, techniques, and procedures (TTPs). Built upon the MITRE ATT&CK framework, Caldera is an open-source tool designed to help cybersecurity... Read more »

Corelight and Microsoft: A smarter way to fight alert fatigue

For SOC teams, the battle against cyber threats can feel like trying to solve a 3D jigsaw puzzle in a bouncy house with missing pieces and a timer blasting every few seconds. Despite the increase in security spending, most teams still struggle with... Read more »

Simplify SOC analyst experience with the enhanced Corelight Splunk App

Simplify SOC analyst experience with the enhanced Corelight Splunk App

Security operations centers (SOCs) play a vital role in detection, containment and mitigation of today’s advanced cyber attacks. SoC teams are also responsible for proactively hunting for threats, and improving the organization’s overall security... Read more »