Corelight Bright Ideas Blog

Featured

Modernize threat detection and SOC efficiency with integrated Corelight Threat Intelligence

Enhanced anomaly detection and east-west visibility improve evasive threat detection, reduce false positives, and help SOC teams focus on critical...

Allen Marin Oct 30, 2025

Zeek

What makes evidence uniquely valuable?

Learn about the attributes of high-quality evidence. What should evidence look like, in order to be useful to defenders when the next security event...

Gregory Bell May 18, 2022

MITRE ATT&CK

Translating query into action

Sigma is an open-source project that provides a generic signature format for SIEMs. Here are the benefits of Sigma, and how to get these threat...

Vince Stoffer Mar 15, 2021

Zeek

Detecting Zerologon (CVE-2020-1472) with Zeek

To assist in detecting Zerologon (CVE-2020-1472), we’ve open sourced a Zeek package that detects both attempted and successful exploits.

Yacin Nadji Sep 16, 2020

Zeek

Together is faster: Zeek for vulnerabilities

I love this quote by John Lambert. It perfectly describes the impact network defenders can achieve by pooling resources, insights, and techniques.

Gregory Bell Aug 18, 2020

Zeek

Zeek in its sweet spot: Detecting F5’s Big-IP CVE10 (CVE-2020-5902)

We’ve just open sourced a Zeek package that detects exploit attempts and successes. This package demonstrates a couple of aspects that are worth...

Ben Reardon Jul 28, 2020

Zeek

Zeek & Sigma: Fully compatible for cross-SIEM detections

Corelight recently teamed up with SOC Prime, creators of advanced cyber analytics platforms, to add support for the entire Zeek data set into Sigma.

Alex Kirk Jun 25, 2020

Corelight announces cloud enrichment for AWS, GCP, and Azure

The Corelight Partner Program

10 considerations for implementing an XDR strategy

Don't trust. Verify with evidence

Network Detection & Response

Corelight Bright Ideas Blog

Modernize threat detection and SOC efficiency with integrated Corelight Threat Intelligence

What makes evidence uniquely valuable?

Translating query into action

Detecting Zerologon (CVE-2020-1472) with Zeek

Together is faster: Zeek for vulnerabilities

Zeek in its sweet spot: Detecting F5’s Big-IP CVE10 (CVE-2020-5902)

Zeek & Sigma: Fully compatible for cross-SIEM detections

Have questions?

Sign up for our newsletter

We’re hiring!