Headed to BlackHat EU? 🇬🇧
Swing by the @corelight + GreyNoise booth for a chat and then grab drinks with the team after the con on Wednesday, Dec 10th. Sign up today to reserve your spot!
Corelight transforms network/cloud activity into evidence so defenders can stay ahead of ever-changing attacks.
We’re thrilled to announce that Corelight has been recognized as a Leader in the 2025 Gartner® Magic Quadrant™ for Network Detection and Response! 🎉
To us, this recognition reflects our capabilities in executing and delivering a comprehensive vision for NDR, with deep visibility and the ability to detect advanced threats. Our focus on structured network evidence, multi-layered detection, and integrating AI into SOC workflows continues to set us apart.
Curious about what’s behind this recognition? Head to the full blog to learn more about how we’re helping organizations detect, investigate, and respond to threats faster and more accurately.
Malware can be stealthy and hard to detect. Here’s how network visibility is a crucial piece to staying vigilant and keeping it out of your network. 👇
Distributed Denial-of-Service (DDoS) attacks can bring down your systems. Here’s how early detection can protect against them. 👇
As organizations move to multi-cloud environments, securing network traffic becomes increasingly complex. Corelight’s Open NDR offers the deep visibility needed to spot threats across both cloud-native and on-prem traffic. The real challenge isn’t just detecting threats, but understanding them in context.
In the cloud, visibility is critical for staying ahead of attackers, ensuring compliance, and maintaining a proactive security posture.
🔗 Learn how Open NDR empowers security teams to protect cloud environments with our free guide: https://go.corelight.com/a-cloud-architects-guide-to-network-security?utm_source=msdtn&utm_medium=organic-social&utm_campaign=ebook&utm_adgroup=architect-guide&utm_content=SSI
Recent state-sponsored campaigns like Volt and Salt Typhoon demonstrate how traditional endpoint detection and response (EDR) tools alone aren’t enough to detect and stop highly sophisticated threats.
Attackers are exploiting vulnerabilities in unmanaged network appliances and using "living-off-the-land" tactics, blending into legitimate network traffic to avoid detection.
The solution? Shifting focus from just endpoint protection to comprehensive network visibility and detection. Network visibility is critical to identifying these threats early and preventing further damage.
🔗 Read the full blog to discover how attackers are bypassing EDR and why network-based detection is crucial for closing the gaps: https://corelight.com/blog/volt-typhoon-salt-typhoon-edr?utm_source=mstdn&utm_medium=organic-social&utm_campaign=blog&utm_adgroup=typhoon-season&utm_content=SSI
Living off the land attacks often go unnoticed, but they could be lurking in your network. Let’s dive into why visibility is so important when it comes to detection. 👇
At SCinet 2024, Eldon Koyle, Principal Technical Marketing Engineer at Corelight, was threat hunting using data from Corelight sensors in one of the fastest, most open research networks ever created.
👉 His key takeaway? Context is everything.
In high-speed environments, security teams can’t rely solely on alerts. They need data that paints a clearer picture of any suspicious behavior on the network. Enriched network logs provide critical visibility, helping threat hunters connect the dots and make more informed decisions in real time.
With vast amounts of data moving across the network, how do you ensure your security team has the visibility needed to identify and assess threats before they escalate? Read Eldon’s full insight in his latest blog 🔗 https://corelight.com/blog/threat-hunting-at-scinet-24?utm_source=msdtn&utm_medium=organic-social&utm_campaign=blog&utm_adgroup=SCinet2024&utm_content=quote
Cloud-based AI models like DeepSeek offer convenience, but they introduce privacy concerns—especially when handling sensitive network data.
Instead, run DeepSeek locally. Learn how to use Zeek®️ and the DeepSeek-r1 model with Ollama and Open WebUI to securely and efficiently summarize Zeek package contents, without exposing your data to the cloud.
Keep your investigations in-house and benefit from:
🔐 Enhanced security—no cloud exposure
⚡️ Improved efficiency in Zeek summarization with local AI processing
⚙️ Full control and privacy when working with network monitoring scripts
Take control of your data and investigations, all while improving efficiency.
🔗 Read more on the blog: https://corelight.com/blog/secure-deepseek-zeek-analysis?utm_source=mstdn&utm_medium=organic-social&utm_campaign=blog&utm_adgroup=deepseek&utm_content=SSI
Cyberattacks targeting critical infrastructure are rapidly evolving.
"The energy sector is a major target, and these attacks can cripple organizations if we don't improve our visibility." 💬 Gregory Bell, Corelight Co-founder
In the latest episode of CrowdStrike's Adversary Universe podcast, Greg discusses the challenges of securing critical devices across OT and IT environments in the energy sector, where solutions like EDR aren’t always feasible. These vulnerabilities make prime targets for sophisticated attacks like Volt Typhoon and Salt Typhoon, emphasizing the critical need for complete network visibility to stay one step ahead.
Network visibility is crucial for early threat detection, whether that involves hidden vulnerabilities or sophisticated attackers operating under the radar.
👉 Listen to the full episode with Greg Bell, Adam Meyers, and Cristian R.: https://crowdstrike.podbean.com/e/putting-a-spotlight-on-energy-sector-threats-with-corelights-greg-bell/
Corelight is excited to announce the launch of our AI-powered Investigator #SaaS NDR platform on AWS in the Middle East! 🌟
This release is designed to ensure data residency, sovereignty and compliance while providing real-time visibility and advanced detections powered by AI.
Here’s what you can expect 📷
→ Local data residency with lower operational costs
→ Improved performance and scalability
→ Comprehensive visibility across hybrid environments
→ Custom detections for stealthy cloud attacks
→ Faster incident response with detailed evidence
Check out the full details here 📷https://go.corelight.com/ai-powered-ndr-saas-platform-aws?utm_source=mstdn&utm_medium=organic-social&utm_campaign=launch&utm_adgroup=awsuae&utm_content=ssi… #NDR #CloudSecurity #AI #DataSovereignty #AWSMiddleEast
🔍 "If you can’t see what’s happening on your network, you can’t defend it." – Brian Dye, CEO of Corelight.
What if the biggest threat isn’t something from outside, but something that’s already inside your network?
In the latest episode of Exploring Information Security, Brian Dye discusses with Timothy De Block the challenge of detecting Living off the Land (#LotL) attacks, why gaining complete network visibility is crucial for defending against these evolving threats, and much more... 👀
🎧 Catch the full episode here: https://exploresec.com/eis/2024/1/2/shownotes-template-y3ecp-l5yfp-7d4gw
🔍 DNS investigations taking too long?
For one federal agency, investigations into DNS events were complex and slow. By integrating Corelight’s network detection platform, they consolidated data across systems, enabling faster, more accurate decision-making. The result? 75% faster DNS investigations.
Corelight doesn’t just aggregate data; it provides clear, actionable insights that save time and improve response.
Want to see how the power of Corelight's network data can improve your agency's security operations? 👉 https://corelight.com/solutions/verticals/federal?utm_source=mstdn&utm_medium=organic-social&utm_campaign=casestudy&utm_adgroup=dnsinvestigations&utm_content=carousel
We’re excited to announce our new integration with Microsoft Defender for Endpoint and Microsoft Defender Vulnerability Management. This means SOC teams can now streamline incident response, reduce alert fatigue, and focus on what really matters: high-priority risks.
With real-time enrichment from Corelight and Defender, teams can:
➡️ Prioritize alerts based on real-time environmental risks
➡️ Gain deeper visibility into all devices, even unmanaged ones
➡️ Speed up investigations and remediation
As Todd Wingler, Corelight Vice President, Global Alliances and Channels, puts it 💬 "Corelight is now the only NDR vendor providing real-time enrichment with data from the top three EDR vendors, enabling our customers to conduct more streamlined investigations resulting in quicker remediation."
🔗 Discover how this integration enhances your SOC: https://corelight.com/company/newsroom/news/corelight-enhances-network-visibility-and-detection-coverage-with-insights-from-microsoft-defender?utm_source=mstdn&utm_medium=organic-social&utm_campaign=press-release&utm_adgroup=microsoft-defender&utm_content=SSI
#Cybersecurity #NetworkSecurity #NDR #EDR #SOC #MicrosoftDefender
Senior Cybersecurity Analyst in the Education Industry gives Corelight Sensors 5/5 rating in Gartner Peer Insights in the Network Detection and Response Market.
⭐️⭐️⭐️⭐️⭐️
Read the full review here:
https://www.gartner.com/reviews/market/network-detection-and-response/vendor/corelight/product/corelight-sensors/review/view/5879568
🎬 We’re getting camera-ready for something exciting on BFM Business! 😎
Corelight hits the spotlight on January 23rd - stay tuned for more details! 👀
#BFMTV #Cybersecurity #NetworkSecurity #FocusEntreprises #ChloéMarouzé #MalthideWessels #OpenMedias #BTS
Corelight’s Director of Technical Marketing Engineering, James Pope, gave Dan Raywood of SC Media UK an inside look at the Black Hat Europe NOC, where every second counts. From securing networks to detecting threats, the NOC team ensures the event runs smoothly, with Corelight providing critical visibility.
Check out the full article to see how Corelight’s visibility and threat detection are powering real-time security at one of the world’s largest cybersecurity events: https://insight.scmagazineuk.com/an-hour-in-the-black-hat-network-operations-centre
Join us on January 14 for “Beyond EDR: Embracing the Network-Driven Cyber Defense” — a must-attend webinar that dives into the future of threat detection.
Corelight's experts Jean Schaffer and Vincent Stoffer, alongside GuidePoint Security’s Jean-Paul Bergeaux, will break down why YARA integration is a game-changer in detecting threats beyond traditional EDR tools.
Don’t miss the chance to enhance your security stack with actionable insights from the industry leaders.
📅 Save your spot today! 🔗 Register now: https://go.corelight.com/beyond-edr-embracing-network-driven-cyber-defense?utm_source=mstdn&utm_medium=organic-social&utm_campaign=webinar&utm_adgroup=yara&utm_content=SSI
🎤 Meet our expert panel for "Unexplained Cloud Phenomenon":
- David Burkett, Corelight Security Researcher
- Rob Solomon, AWS Cloud Architect
- Jenn Reed, AWS Security Solutions Architect
- Edward Smith, Corelight Alliances Director
They’ll break down how reliable data sources and visibility keep your cloud secure.
👽 Tune in for tips and lessons from cloud security experts.
📅 January 28 at 10 AM PT
🔗 Register today: https://go.corelight.com/unexplained-cloud-phenomenon
👽 What do UFOs and cloud security have in common? It’s all about distinguishing fact from fiction! 🌥️
Join us for “Unexplained Cloud Phenomenon: What the resurgence of UFOs can teach us about cloud security,” where experts from Corelight, AWS, and CrowdStrike share their insights on cloud SecOps.
You'll learn:
- How to avoid cloud security misinformation
- The role of high-quality data in securing your cloud environments
- Practical tips from experts in the field
📅 Mark your calendars for January 28, 2025 at 10 AM PT!
🔗 Register now: https://go.corelight.com/unexplained-cloud-phenomenon