Corelight Bright Ideas Blog: NDR & Threat Hunting Blog

Inside the Mind of a Cybersecurity Threat Hunter Part 1: Confronting Initial Access Techniques

By Allen Marin – November 27, 2023

At Corelight, we’re always striving to make the life of threat hunters and security analysts a little easier. It’s the reason we developed our Open NDR Platform that provides comprehensive, correlated network data and forensic evidence about... Read more »

How Corelight Uses AI to Empower SOC Teams

By Vince Stoffer – November 15, 2023

The explosion of interest in artificial intelligence (AI) and specifically large language models (LLMs) has recently taken the world by storm. The duality of the power and risks that this technology holds is especially pertinent to cybersecurity. On... Read more »

The Art of Team Building: Blueprints from the Black Hat NOC

By Dustin Lee – October 31, 2023

It has been a distinct honor to be a part of the Corelight team that helped defend this year’s Black Hat events. I started the event season in the Network Operations Center (NOC) at Black Hat Asia, and then capped it off at Black Hat in Las Vegas.... Read more »

Turning the tables on the infiltrator

By Ben Reardon – October 16, 2023

This article was originally featured in TechBeacon. Read more »

Black Hat NOC USA 2023: Five takeaways for SOC teams

By Mark Overholser – October 13, 2023

During this year’s Black Hat in Las Vegas, I learned (or was reminded of) many lessons working alongside my Corelight colleagues and Black Hat Network Operations Center (NOC) teammates from Arista, Cisco, Lumen, NetWitness and Palo Alto Networks.... Read more »

Enhance your search experience within Splunk by using the Corelight App

By James Schweitzer – October 11, 2023

The Corelight App for Splunk provides the foundation for organizations to boost SOC effectiveness and productivity by using Corelight data in Splunk. In this blog, I’ll walk through how the Corelight App leverages Splunk’s Common Information Model... Read more »

Lessons Learned Deploying Corelight in the Black Hat Asia NOC

By Dustin Lee – June 12, 2023

Last month, Corelight had the distinct privilege of joining Cisco, NetWitness, Palo Alto Networks, Arista, and our internet service provider, MyRepublic, to provide availability and network security overwatch to the Black Hat Asia network in... Read more »

Corelight Open NDR Now Helps Defend Black Hat Events

By John Gamble – April 18, 2023

Enriching NDR logs with context

By Stan Kiefer – June 2, 2022

Editor’s note: This is the latest in a series of posts where we explore topics such as network monitoring in Kubernetes, using sidecars to sniff and tunnel traffic, show a real-world example of detecting malicious traffic between containers, and... Read more »

Corelight Investigator accelerates threat hunting

By Nick Hunter – May 25, 2022

This morning we announced Corelight Investigator, an open NDR platform that enables security teams with the next-level evidence they need to disrupt attacks and accelerate threat hunting through an easy-to-use, quick-to-deploy SaaS solution. Read more »