Corelight Bright Ideas Blog

Featured

Extending the value of network evidence: Introducing Performance and Asset Visibility

Corelight Performance and Asset Visibility unlocks SecOps and NetOps intelligence from one sensor, with device classification and anomaly-first...

Tyler Hill Jun 17, 2026

network detection response

How do you know?

Can you be sure attackers aren’t hiding in your encrypted traffic? It’s a fundamental question in enterprise security. Why? Imagine these two shops.

Charles Strauss May 18, 2021

Zeek

Pingback: ICMP Tunneling Malware

This blog will introduce a method of detecting the Pingback malware in which attackers often hide their communications in ping message payloads.

Corelight Labs Team May 7, 2021

Zeek

CrowdStrike + Corelight partner to reach new heights

The CrowdStrike + Corelight partnership lets customers incorporate threat intelligence into Corelight Sensors to generate alerts and network evidence.

Lana Knop Apr 22, 2021

Zeek

Community ID support for Wireshark

The past few weeks have seen several developments around Community ID and support for Wireshark. I’d like to summarize them in this blog post.

Christian Kreibich Oct 7, 2020

Zeek

Give me my stats!

In this post I am going to walk you through the process I used to develop a package called “my_stats” that pulls memory information from a running...

Keith J. Jones Sep 21, 2020

Zeek

Zeek & Sigma: Fully compatible for cross-SIEM detections

Corelight recently teamed up with SOC Prime, creators of advanced cyber analytics platforms, to add support for the entire Zeek data set into Sigma.

Alex Kirk Jun 25, 2020

< 1 2 3 ... 6 7 >

Corelight announces cloud enrichment for AWS, GCP, and Azure

The Corelight Partner Program

Network Detection & Response

Corelight Bright Ideas Blog

Extending the value of network evidence: Introducing Performance and Asset Visibility

How do you know?

Pingback: ICMP Tunneling Malware

CrowdStrike + Corelight partner to reach new heights

Community ID support for Wireshark

Give me my stats!

Zeek & Sigma: Fully compatible for cross-SIEM detections

Have questions?

Sign up for our newsletter

We’re hiring!

Get in touch