CONTACT US
CONTACT US

START HERE

Evidence-based security

 

WHY CORELIGHT

Complete visibility

Next-level analytics

Faster investigation

Expert hunting

    CORELIGHT LABS

    Recent research

    Mission and team

    Insights

    Polaris program

      TRENDING TOPICS

      Encrypted traffic

       

      VERTICALS

      Federal
        ad-images-nav_0001_SANs thumb

        SANS Protects: The Network

        DOWNLOAD WHITE PAPER

        ad-images-nav_0009_Threat-hunting-guide

        Threat hunting guide

        GET THE GUIDE

        OVERVIEW

        Open NDR Platform

        Analytics & detections

         

        PRODUCTS

        Zeek®-based evidence

        IDS

        Smart PCAP

        Investigator

          SENSORS

          Appliances

          Cloud

          Software

          Virtual

          Fleet Manager

          View all products

            SERVICES

            Training

             

            ALLIANCES

            CrowdStrike

            Mandiant

            Microsoft

            Splunk

            View all

             

            USE CASES

            Case Studies

            View all
              ad-nav-crowdstrike

              Corelight now powers CrowdStrike solutions and services

              READ MORE

              ad-images-nav_0013_IDS

              Alerts, meet evidence.

              LEARN MORE ABOUT OUR IDS SOLUTION

              ad-images-nav_white-paper

              5 Ways Corelight Data Helps Investigators Win

              READ WHITE PAPER

              BLOG

              Read the latest

                EVENTS

                Meet with us

                  DEMOS

                  Get a demo
                    ad-images-nav_0000_Thinking-like-a-threat-actor

                    Thinking like a Threat Actor: Hunting the Ghost in the Machine

                    WATCH THE WEBCAST

                    ad-images-nav_0006_Blog

                    Don't trust. Verify with evidence

                    READ BLOG

                    ABOUT US

                    About Corelight

                    Careers

                    Leadership

                    Investors

                    Newsroom

                    Apex Awards

                      CHANNEL PARTNERS

                      Partner Program

                      Deal registration

                      Partner Academy

                      Become a Partner
                          ad-nav-NDR-for-dummies

                          NDR for Dummies

                          GET THE WHITE PAPER

                          ad-nav-video

                          The Power of Open-Source Tools for Network Detection and Response

                          WATCH THE WEBCAST

                          ad-nav-ESG

                          The Evolving Role of NDR

                          DOWNLOAD THE REPORT

                          SUPPORT SERVICES

                          Open a ticket

                          Account login

                          Technical bulletins

                          Report a security vulnerability

                            WORLD-CLASS SUPPORT

                            Support overview
                                ad-images-nav_0006_Blog

                                Detecting 5 Current APTs without heavy lifting

                                READ BLOG

                                Corelight Bright Ideas Blog

                                Featured Post

                                Additional Posts

                                Key takeaways from RSA 2023: #BetterTogether and AI in security

                                By Ed Smith – May 8, 2023

                                Whether or not you made it to RSA 2023, here are two key themes we saw throughout this year’s conference. Read more »

                                New Sliver C2 Detection Released - Redteam detected

                                By Corelight Labs Team – May 4, 2023

                                We are excited to announce the release of a new detection package “Sliver”, which identifies and raises alerts related to the Sliver C2 framework. This new package joins our industrial-strength C2 Collection and uses a variety of techniques to... Read more »

                                How SOCs can level up their PCAP game with Smart PCAP

                                By Roger Cheeks – May 3, 2023

                                This blog post is the first in a 2 part series on Corelight Smart PCAP.  Tune in next week for part two where we’ll take a deep dive look at Corelight’s PCAP functionality and workflows that accelerate security investigations.  Read more »

                                Corelight Open NDR Now Helps Defend Black Hat Events

                                By John Gamble – April 18, 2023

                                  Read more »

                                Expand visibility around authentication and application anomalies with Corelight’s new LDAP analyzer

                                By Vince Stoffer – March 20, 2023

                                Comprehensive visibility into network protocols is a hallmark of Zeek (and therefore Corelight) data. That's why we are very happy to announce that with our v27.2 release we are supporting a new analyzer for the LDAP protocol. You likely know LDAP... Read more »

                                Corelight Investigator introduces new Machine Learning Models

                                By Sara Shuman – January 31, 2023

                                Corelight Investigator furthers its commitment to delivering next-level analytics through the expansion of its machine learning models. Security teams are now enabled with additional supervised and deep learning models, including: Read more »

                                Corelight for the everywhere cloud

                                Corelight for the everywhere cloud

                                By Ed Amoroso, founder and CEO of TAG Cyber (guest) – January 17, 2023

                                Editor's note:  This is the first in five-part series authored by Ed Amoroso, founder and CEO of TAG Cyber, which will focuses on how the Corelight platform reduces network security risks to the so-called Everywhere Cloud (EC). Such security... Read more »

                                Corelight launches the Entity Collection

                                Corelight launches the Entity Collection

                                By Vince Stoffer – December 13, 2022

                                Corelight Labs, our amazing research team, has been hard at work on another content collection which we are excited to introduce: the Corelight Entity Collection. Read more »

                                Replace IDS and extend entity visibility

                                Replace IDS and extend entity visibility

                                By John Gamble – December 8, 2022

                                Today, as a part of our v27 software release, we are launching enhanced IDS rules management functionality, extending analyst visibility around hosts, devices, users, and more, and upgrading the Corelight Software Sensor to give customers more NDR... Read more »

                                Zeek on Windows

                                By Tim Wojtulewicz – December 5, 2022

                                Editor's note: This post was originally published on the Zeek.org blog on Nov. 28, 2022. Reposted here in full with permission as a courtesy. Read more »

                                Search

                                  Recent Posts

                                  Categories

                                  See all

                                  Archives

                                  See all

                                  Authors

                                  See all