Get Started

          Partnership

          CrowdStrike + Corelight partner to reach new heights

          Through our newly announced partnership with CrowdStrike, Corelight customers will be able to incorporate CrowdStrike’s best-in-class threat intelligence into Corelight Sensors to generate actionable alerts and network evidence. In addition, by... Read more »

          Extending NDR visibility in AWS IaaS

          Comprehensive visibility is challenging in a cloud environment. While these environments are rich sources of telemetry and logs, it is challenging for security teams to ensure that logging is configured (and stays configured) on every service, to... Read more »

          Maximize your Splunk ES investment with Corelight

          Maximize your Splunk ES investment with Corelight

          Are you looking to threat hunt but lack sufficient network and IDS data? Have you tried to accelerate your incident response process with better data, but run into dead ends that require data scientists or significant data model modification? Maybe... Read more »

          Beating alert fatigue with integrated data

          More than 15 years after Gartner declared that “IDS is dead” because it was too noisy to be effectively managed, alert fatigue continues to be a central theme of life in modern SOCs, with a majority of SOCs still unable to process all the alerts... Read more »

          NDR for AWS Well-Architected

          Corelight is a powerful network traffic analysis tool that enables network detection and response (NDR) for AWS Cloud workloads by receiving packets from an AWS Virtual Private Cloud (VPC) traffic mirror and cloud packet brokers. Corelight extracts... Read more »

          Corelight Splunk App update: New dashboard and data

          In support of Corelight’s latest software release, v19, we are pleased to launch our newest installment of the Corelight App for Splunk (Corelight App) and the Corelight Technical Add-on (TA). Both software packages are available on Splunkbase. The... Read more »

          Zeek & Sigma: Fully compatible for cross-SIEM detections

          Corelight recently teamed up with SOC Prime, creators of advanced cyber analytics platforms, to add support for the entire Zeek data set into Sigma, the only generic signature language that enables cross-SIEM detections from a single toolset.... Read more »

          Watch over DNS traffic with Corelight and Splunk

          Corelight sensors put your organization in the best position to watch over DNS traffic with a rich, powerful Network Traffic Analysis (NTA) data set. This article highlights the benefits of Corelight DNS logs, and demonstrates how Splunk Enterprise... Read more »

          Corelight ECS mapping: Unified Zeek data for more efficient analytics

          In addition to other great news we’ve recently shared, I’m pleased to announce that Corelight sensors now support the Elastic Common Schema (ECS) via our Corelight ECS Mapping. Read more »

          Finding truth in the cloud: Google Cloud Packet Mirroring and Corelight Network Traffic Analysis

          “Remember, all I’m offering is the truth” – Morpheus, from the movie Matrix (1999) Read more »

          Search

            Recent Posts