Corelight’s Open Network Detection and Response (NDR) solution has been chosen by the esteemed Black Hat Network Operations Center (NOC) to help...
We show how enriching Zeek® logs with cloud and container context makes it faster to tie interesting activity to the container or cloud asset...
This morning we announced Corelight Investigator, an open NDR platform that enables security teams with next-level evidence. Here is how it works.
This post explores the need, different approaches and pros and cons of monitor traffic in Kubernetes environments.
The most sophisticated cyber defense teams in the world have shifted their strategies towards the collection and analysis of high-quality evidence.
Can you be sure attackers aren’t hiding in your encrypted traffic? It’s a fundamental question in enterprise security. Why? Imagine these two shops.
The CrowdStrike + Corelight partnership lets customers incorporate threat intelligence into Corelight Sensors to generate alerts and network evidence.
Sigma is an open-source project that provides a generic signature format for SIEMs. Here are the benefits of Sigma, and how to get these threat...
In this blog post, we’ll look at some tips and tricks for how you can get more out of your Network Intrusion Detection Systems (NIDS).