CONTACT US
forrester wave report 2023

Close your ransomware case with Open NDR

SEE HOW

Download our free guide to find hidden attackers.

Find hidden attackers with Open NDR

SEE HOW

cloud-network

Corelight announces cloud enrichment for AWS, GCP, and Azure

READ MORE

corelight partner programe guide

Corelight's partner program

VIEW PROGRAM

glossary-icon

10 Considerations for Implementing an XDR Strategy

READ NOW

ad-images-nav_0006_Blog

Don't trust. Verify with evidence

READ BLOG

video

The Power of Open-Source Tools for Network Detection and Response

WATCH THE WEBCAST

ad-nav-ESG

The Evolving Role of NDR

DOWNLOAD THE REPORT

ad-images-nav_0006_Blog

Detecting 5 Current APTs without heavy lifting

READ BLOG

g2-medal-best-support-spring-2024

Network Detection and Response

SUPPORT OVERVIEW

 

Corelight Unveils Corelight Labs, a Hub for Research and Innovation

Company expands its research expertise with addition of AI and security operations experts from its PatternEx acquisition to the Labs team 

San Francisco, Calif., — Oct. 13, 2021 — Corelight, provider of the industry’s leading open network detection and response (NDR) platform, has launched Corelight Labs, a research team within the company dedicated to providing cutting-edge content that enables complete, detailed monitoring of enterprise network activity for threat hunting, analysis, and response. Under the leadership of Dr. Vern Paxson, co-founder and chief scientist at Corelight, the team is comprised of security researchers with decades of collective experience in academia and security research roles at some of the world’s leading consumer brands, enterprises, government agencies and universities. 

Joining the Corelight Labs team of security researchers is a group of seasoned data scientists, artificial intelligence and security operations experts from PatternEx, a key vendor in the AI-for-security-operations space, following Corelight’s acquisition of the company last year.

“It has been a privilege to attract some of the brightest minds in network security and data science to Corelight and to bring them together as our core research team,” said Paxson. “The experience and excellence they bring to the problems we tackle makes it exhilarating to lead them. This shows in the sophistication of the content collections the team produces, as well as in their ability to quickly respond to recent security exploits, such as the PetitPotam and OMIGOD incidents.”

Corelight Labs research fuels innovation for new insights and capabilities that help to power the Corelight Sensor portfolio. “The expertise this team brings to the table has led to collections of data insights that empower Corelight’s customers to effectively counter the latest threats,” added Paxson.

Corelight Labs contributions to the Corelight Sensor portfolio include:

  • Corelight C2 Collection: helps customers find command-and-control activity with over 50 unique insights and detections. This collection covers both known C2 toolkits and MITRE ATT&CK C2 techniques to find new attacks.
  • Corelight Encrypted Traffic Collection: offers dozens of novel insights into SSL, SSH, and RDP connections, along with encrypted insights from the Zeek® community like JA3 — all without decryption.
  • Corelight Core Collection: combines proprietary Corelight packages that help sensors scale in high-throughput environments, along with curated insights developed by the Zeek community.

The Corelight Labs launch coincides with the first day of ZeekWeek 2021 (formerly BroCon), a central community event for users, developers, incident responders, threat hunters and architects who rely on Zeek as a critical element in their security stack. This year’s annual event is taking place virtually from Oct. 13-15, 2021, and is free to attend (registration is required). Corelight Labs team members are scheduled to speak at the show

Please visit Corelight Labs home page for more information on the team’s research, projects, mission and members. 

For more information on the PatternEx acquisition, please contact us.

About Corelight

Corelight provides security teams with network evidence so they can protect the world’s most critical organizations and companies. Corelight’s global customers include Fortune 500 companies, major government agencies, and large research universities. Based in San Francisco, Corelight is an open-core security company founded by the creators of Zeek, the widely-used network security technology. For more information, www.corelight.com

Recent Posts