How to level up your technical documentation with Microsoft's style guide and LLMs
How AI can transform even Microsoft's own documentation to meet its style standards.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
How to enable Corelight's Anomaly Detection
In this video, we walk through the steps to enable Corelight's Anomaly Detection engine on a Corelight Sensor, and show what a sensor looks like after the baselining (learning) period has completed.
Unveiling Intrusions: Corelight NDR and CrowdStrike EDR in Action
Adversaries are deliberately attacking devices that are difficult to monitor with EDR. In this video, you’ll see how you can use Corelight’s Network Detection & Response (NDR) inside of CrowdStrike Falcon to paint the full picture of an intrusion. NDR gives defenders the visibility they need to find intrusions on unmanaged devices of any type.
How NDR contributes to visibility and security in the cloud
Join Youssef Agharmine, the technical security expert from Corelight for a live webinar focusing on how to extend visibility and identify attacks during the transition to cloud infrastructure. What you’ll learn: This will be a technical presentation—we’ll be demoing Corelight in the cloud!
How To Threat Hunt in Encrypted Network Traffic
Threat hunters need evidence to find adversaries. Networks offer a broad and reliable source of evidence, helping hunters make sense of movement across their environment via an immutable record of activity. Traffic, unlike endpoints, cannot lie. But the rise of encryption complicates this picture, especially where decryption isn't an optimal or possible solution.
Corelight data and LLMs
Corelight has been an innovator and leader in AI and Large Language Model (LLM) adoption for almost 2 years. We introduced our first use of LLMs in our Open NDR platform Investigator in November of 2023. Since then, we have continued to push the boundaries of the possible by working with AI model builders on cybersecurity-specific training and expanding LLM use within Investigator to include data analysis and summaries.
Corelight announces industry's first MCP server exposing detailed network data and alerts
Corelight’s GenAI Accelerator Pack features the industry's first Model Context Protocol (MCP) server, specifically designed to facilitate easier access to detailed network data and alerts for cybersecurity AI agents and enhance the analysis of network security information. The announcement comes at a pivotal moment for cybersecurity.
Unlock peak performance: hardware deduplication for enhanced network visibility
In today's complex network environments, ensuring complete visibility while optimizing resource utilization is paramount. Duplicate network traffic can overwhelm your monitoring infrastructure, create redundant alerts for SecOps, consume valuable storage, and obscure critical insights, making it harder for Network Detection and Response (NDR) solutions to spot genuine threats or anomalies. Network Packet Brokers often offer deduplication as a feature but it can add complexity and cost.
Advanced attacks: EDR alone is not sufficient
Your best defense against advanced attacks is your network. SOC teams need comprehensive network data to defend against attacks. Corelight combines industry-leading Zeek network metadata, multi-layered detections, packet capture (PCAP), and file analysis (YARA) for the best approach to network-driven defense. Disrupt attacks, address gaps within your security stack, and reduce risk to your organization with Corelight's NDR solution.
Data driven detection: Corelight's approach to AI-powered NDR
The Gordian knot of any detection strategy is knowing that two conflicting ideas are both true. On one hand, every SOC needs as much accurate detection coverage as they can get to find and disrupt attacks. On the other, the attackers you REALLY care about will find a way to bypass those detections so you need the ground truth of the attacker behavior on your network. The only answer is to have both: the absolute best data and the broadest detection suite possible on top of it.