CORELIGHT LABS

INSIGHTS


We're committed to providing users with access to the richest stream of network detection and response data possible. Discover parsers for new protocols, data analyzers, malware detectors, supporting documentation, and more, here.

Core Collections


Collections of scripts and plug-ins created for Corelight Sensors that detect malicious behaviors and expand on Zeek data.

C2 Collection - Detection for over 50 types of command and control activity
Encrypted Traffic Collection - Unique insights to investigate encrypted traffic present on most networks
Core Collection - Expanded insights for monitoring high-throughput sites for port scanning, cryptomining, and more

Zeek open source packages

JPEG File Analyzer - Logs additional information about JPEG images
ELF File Analyzer - Logs additional information about ELF-based executable files
RedXOR C2 Detector - Detects RedXOR malware by looking for its command and control network traffic
Zerologon Detector - Detects network traffic specific to the Zerologon vulnerabilities

 

Query a full list of all Zeek packages:

https://packages.zeek.org/packages?q=corelight

Zeek open source enhancements

ECS Mappings for Zeek
ECS Dashboards
Ansible Roles for supporting Corelight sensors
Spicy Protocol Parsers

Documentation and guides

Cheatsheets
Zeek Documentation

To learn more about Corelight Labs, contact our team.
