Corelight Bright Ideas Blog: NDR & Threat Hunting Blog

Corelight Bright Ideas Blog

Featured Post

November 15, 2023

How Corelight Uses AI to Empower SOC Teams

The explosion of interest in artificial intelligence (AI) and specifically large language models (LLMs) has recently taken the world by storm. The duality of the power and risks that this technology holds is especially pertinent to cybersecurity. On one hand the capabilities of LLMs for summarization, synthesis, and creation (or co-creation) of... Read more »

Additional Posts

Black Hat NOC USA 2023: Leveraging Corelight’s Open NDR Platform for Network Operations (NetOps)

By Eldon Koyle – December 4, 2023

In this blog, I’ll share a few NetOps observations of the Black Hat network that I made during my time serving in the Black Hat Network Operations Center (NOC). My hope in doing so is to spark some ideas on how you can use an existing tool like Zeek... Read more »

Inside the Mind of a Cybersecurity Threat Hunter Part 1: Confronting Initial Access Techniques

By Allen Marin – November 27, 2023

At Corelight, we’re always striving to make the life of threat hunters and security analysts a little easier. It’s the reason we developed our Open NDR Platform that provides comprehensive, correlated network data and forensic evidence about... Read more »

How Corelight Uses AI to Empower SOC Teams

By Vince Stoffer – November 15, 2023

The Art of Team Building: Blueprints from the Black Hat NOC

By Dustin Lee – October 31, 2023

It has been a distinct honor to be a part of the Corelight team that helped defend this year’s Black Hat events. I started the event season in the Network Operations Center (NOC) at Black Hat Asia, and then capped it off at Black Hat in Las Vegas.... Read more »

Writing a Zeek package in TypeScript with ZeekJS

By Simeon Miteff – October 26, 2023

Zeek® is the world’s most widely used network security monitoring platform and is the foundation for Corelight network evidence. In this blog I share how to write a Zeek package in TypeScript with a new capability called ZeekJS that was released as... Read more »

Turning the tables on the infiltrator

By Ben Reardon – October 16, 2023

This article was originally featured in TechBeacon. Read more »

Black Hat NOC USA 2023: Five takeaways for SOC teams

By Mark Overholser – October 13, 2023

During this year’s Black Hat in Las Vegas, I learned (or was reminded of) many lessons working alongside my Corelight colleagues and Black Hat Network Operations Center (NOC) teammates from Arista, Cisco, Lumen, NetWitness and Palo Alto Networks.... Read more »

Enhance your search experience within Splunk by using the Corelight App

By James Schweitzer – October 11, 2023

The Corelight App for Splunk provides the foundation for organizations to boost SOC effectiveness and productivity by using Corelight data in Splunk. In this blog, I’ll walk through how the Corelight App leverages Splunk’s Common Information Model... Read more »

Using Corelight to Identify Ransomware Blast Radius

By Chris Brown – September 29, 2023

Over the past few months, ransomware targeting healthcare organizations has been on the rise. While ransomware is nothing new, targeting healthcare organizations, at the extreme, can impact an organization’s ability to engage in anything from... Read more »

How Can Kill Webs Change Security Thinking?

By Richard Bejtlich – September 21, 2023

In my previous article, I proposed ways that modern network-derived evidence applies to the cyber kill chain—a concept created by Eric Hutchins, Michael Cloppert, and Rohan Amin that changed how security teams approach defending their digital... Read more »

Load Older Posts

Corelight Bright Ideas Blog

Featured Post

How Corelight Uses AI to Empower SOC Teams

Additional Posts

Black Hat NOC USA 2023: Leveraging Corelight’s Open NDR Platform for Network Operations (NetOps)

Inside the Mind of a Cybersecurity Threat Hunter Part 1: Confronting Initial Access Techniques

How Corelight Uses AI to Empower SOC Teams

The Art of Team Building: Blueprints from the Black Hat NOC

Writing a Zeek package in TypeScript with ZeekJS

Turning the tables on the infiltrator

Black Hat NOC USA 2023: Five takeaways for SOC teams

Enhance your search experience within Splunk by using the Corelight App

Using Corelight to Identify Ransomware Blast Radius

How Can Kill Webs Change Security Thinking?

Recent Posts

Sign up for our newsletter

Locations

1 (888) 547-9497

We're hiring!

Sign up for blog updates

Featured Post

Additional Posts

Recent Posts

Sign up for blog updates