Corelight Bright Ideas Blog

Featured Post

Whether they use custom implants for persistence, zero days for initial access, or live off the land (LOTL) to avoid detection, finding a state-sponsored adversary group can be a challenging proposition for defenders. This can be particularly true for adversaries that are sponsored by the People’s Republic of China (PRC). Historically, their focus... Read more »

Additional Posts

How to Threat Hunt for Volt Typhoon Using NDR

By Jason Wood – May 12, 2025

Edge exploits, EDR blind spots, 51-second breakouts

By Vijit Nair – April 30, 2025

For every advancement in defense, attackers supply the equal and opposite adaptation. In the last few years EDRs have become so effective that adversaries have radically shifted gears. That shift shows up unmistakably in three heavyweight... Read more »

Cloud your way: Expanding threat visibility to meet the unique needs of your business

By Allen Marin – April 29, 2025

Let’s face it: The cloud has become the go-to platform for modern infrastructure—and for good reason. Scalability, flexibility, and speed are hard to beat. But as organizations increasingly rely on the cloud to run their critical operations, the... Read more »

Your network evidence, your SIEM, your way: Corelight’s open SIEM strategy empowers SOCs with a unified experience

By Ricky Lin – April 25, 2025

Security operations centers (SOCs) are under constant pressure to keep their organizations secure, while battling alert fatigue, tool sprawl, and ever-rising demands for speed and precision. Analysts today face an overwhelming landscape where... Read more »

How Corelight's anomaly detection enhances network security

By Cynthia Gonzalez – April 15, 2025

Signature-based detections provide fast, effective defense against known attacks. But the threat landscape is rapidly changing: Attackers are utilizing novel, sophisticated techniques that can bypass traditional, signature-based detection methods... Read more »

Leveraging map-reduce and LLMs for enhanced cybersecurity network detection

By Keith J. Jones – March 25, 2025

In my security research role at Corelight, I often have to go through large, complex data sets to detect subtle anomalies and threats. It reminds me of a famous quote by Abraham Lincoln: Read more »

How metadata wrestled control of FINRA’s colossal data archiving requirements

By Richard Chitamitre – March 7, 2025

The financial industry is known for its rigorous and sometimes quirky data retention requirements that can challenge even the most seasoned security expert. Read more »

Quick FIX® log management: How metadata simplifies financial protocol tracking (and how Corelight’s platform can help)

By Steve Smoot – March 7, 2025

Financial institutions, such as banks and trading houses, have a strong interest in recording key transaction activity within their networks. In the face of daunting data storage requirements, many are finding that Corelight’s network... Read more »

For Science! – Threat hunting with SCinet at SC24

By Eldon Koyle – March 5, 2025

Introduction In November 2024, I participated in SCinet with the Network Security team at SC24. My job was supporting Corelight sensors and threat hunting using the data the sensors produced. Read more »

Running DeepSeek AI privately using open-source software

By Keith J. Jones – February 28, 2025

Introduction Zeek® is a powerful open-source network analysis tool that allows users to monitor traffic and detect malicious activities. Users can write packages to detect cybersecurity events, like this GitHub repo that detects C2 from AgentTesla... Read more »

Load Older Posts

Corelight Bright Ideas Blog

Featured Post

How to Threat Hunt for Volt Typhoon Using NDR

Additional Posts

How to Threat Hunt for Volt Typhoon Using NDR

Edge exploits, EDR blind spots, 51-second breakouts

Cloud your way: Expanding threat visibility to meet the unique needs of your business

Your network evidence, your SIEM, your way: Corelight’s open SIEM strategy empowers SOCs with a unified experience

How Corelight's anomaly detection enhances network security

Leveraging map-reduce and LLMs for enhanced cybersecurity network detection

How metadata wrestled control of FINRA’s colossal data archiving requirements

Quick FIX® log management: How metadata simplifies financial protocol tracking (and how Corelight’s platform can help)

For Science! – Threat hunting with SCinet at SC24

Running DeepSeek AI privately using open-source software

Recent Posts

Sign up for our newsletter

Locations

1 (888) 547-9497

We're hiring!