Corelight Bright Ideas Blog

Featured

Modernize threat detection and SOC efficiency with integrated Corelight Threat Intelligence

Enhanced anomaly detection and east-west visibility improve evasive threat detection, reduce false positives, and help SOC teams focus on critical...

Allen Marin Oct 30, 2025

Zeek

Finding CVE-2022-22954 with Zeek

In this post, we share simple ways to detect evidence of CVE-2022-22954 in Zeek logs, which can be adapted to other data stores (e.g., a SIEM).

Corelight Labs Team May 20, 2022

Zeek

What makes evidence uniquely valuable?

Learn about the attributes of high-quality evidence. What should evidence look like, in order to be useful to defenders when the next security event...

Gregory Bell May 18, 2022

Zeek

Spotting Log4j traffic in Kubernetes environments

We demonstrate how the visibility of network traffic passing between pods and containers within the K8s network can be utilized to detect a log4j...

Stan Kiefer May 10, 2022

network detection response

Network evidence for defensible disclosure

What do I say if my team discovers a breach of our digital assets? This is a question that requires understanding “defensible disclosure.”

Richard Bejtlich May 5, 2022

network detection response

Sidecars for network monitoring

Sniffing and mirroring network traffic from containers can be complicated. This post explores one approach to achieve this by injecting a sniffer...

Al Smith Apr 21, 2022

network detection response

Explore Corelight evidence in Humio Community Edition

Our new collaboration with CrowdStrike and Humio allows our customers and the community to experience the value of evidence.

Ed Smith Apr 19, 2022

< 1 2 >

Corelight announces cloud enrichment for AWS, GCP, and Azure

The Corelight Partner Program

10 considerations for implementing an XDR strategy

Don't trust. Verify with evidence

Network Detection & Response

Corelight Bright Ideas Blog

Modernize threat detection and SOC efficiency with integrated Corelight Threat Intelligence

Finding CVE-2022-22954 with Zeek

What makes evidence uniquely valuable?

Spotting Log4j traffic in Kubernetes environments

Network evidence for defensible disclosure

Sidecars for network monitoring

Explore Corelight evidence in Humio Community Edition

Have questions?

Sign up for our newsletter

We’re hiring!