Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Corelight Agentic Triage demo

Mar 23, 2026 By Corelight In Corelight
Corelight is excited to introduce Agentic Triage! In this demo, you can see how Agentic Triage helps SOC analysts filter through alerts and respond quickly to active threats. We combine generative AI with our industry leading log framework to identify the detections and cases that truly matter. This video shows how you can use Agentic Triage to quickly perform deep dives into open detections and make confident decisions to secure your network.
View Video

Corelight Agentic Triage overview

Mar 23, 2026 By Corelight In Corelight
Corelight is excited to introduce Agentic Triage! In this demo, you can see how Agentic Triage helps SOC analysts filter through alerts and respond quickly to active threats. We combine generative AI with our industry leading log framework to identify the detections and cases that truly matter. This video shows how you can use Agentic Triage to quickly perform deep dives into open detections and make confident decisions to secure your network.
View Video
Corelight

Fueling Cisco XDR with Corelight high-fidelity network evidence

Mar 19, 2026 By Cody Spooner In Corelight
From hunting threats to solving complex problems to coding on a couch, adventures in the Black Hat NOC (Network Operations Center) are always interesting. Over the last few months and several shows, I’ve had the privilege of working with one of the other NOC partners, Cisco, to design and test our first integration between Corelight Investigator and Cisco XDR.
Read Post
Corelight

From alerts to entities: Transforming the SOC with Corelight Agentic Triage

Mar 18, 2026 By Muzzafer Pasha In Corelight
The cybersecurity landscape has fundamentally shifted in the last several years. Adversaries are no longer just using AI to draft phishing emails; they're deploying autonomous AI agents capable of executing end-to-end attack chains, from initial reconnaissance through lateral movement and data exfiltration. Anthropic's1 analysis of recent incidents indicates a rapid acceleration in attacker adoption of agentic workflows, dramatically shortening the time between initial access and impact.
Read Post
Corelight

Why geopolitical tensions should raise cyber awareness

Mar 16, 2026 By Vince Stoffer In Corelight
When geopolitical tensions rise, cybersecurity quickly becomes part of the public conversation. Government agencies issue warnings. Security teams increase monitoring. Headlines start asking which organizations could become targets if cyber operations escalate alongside physical conflict. But geopolitical conflict does not suddenly create cyber risk. What it does increase is the likelihood that existing weaknesses will be tested and pre-existing risks could be exposed.
Read Post
Corelight

Black Hat Europe 2025: Lessons from the NOC

Feb 27, 2026 By Mark Overholser In Corelight
With the holiday season all wrapped up (pun definitely intended), I finally have time to sit down and digest what we saw in the network traffic at Black Hat Europe 2025 while working alongside the other Network Operations Center (NOC) partners: Arista, Cisco, Jamf, and Palo Alto Networks. As usual, there is a mix of the expected, a dash of the unexpected, and some lessons for newcomers and greybeards alike. Let’s get into it.
Read Post

Episode 9 - Federal Cyber Defense: Legacy Debt, Cloud Shifts, and Network Truth

Feb 26, 2026 By Corelight In Corelight
Richard Bejtlich sits down with Jean Schaffer, Corelight’s Federal CTO, to discuss the unique hurdles facing government agencies in an era of escalating state-sponsored threats. Jean highlights the persistent challenge of legacy IT infrastructure and the "technical debt" that complicates modernization efforts across the Department of Defense, the intelligence community, and the civilian sector. The conversation explores the strategic shift toward cloud adoption as a means to decommission vulnerable on-premise hardware and the evolving "whole of nation" defense strategy that requires deeper public-private partnerships.
View Video
Corelight

Corelight at SC25: A laboratory for securing the fastest conference network

Feb 17, 2026 By Mark Overholser In Corelight
I’ve worked as a threat hunter in several Black Hat Security Conference Network Operations Centers (NOCs) across the globe. So I didn’t expect to be surprised by much when signing on to be a part of the NOC for SCinet—a conference that has the “fastest conference network in the world.” And yet I was surprised by just how diverse the SCinet NOC team was, how collaborative the environment was, and how much we were able to achieve with automation in such a short amount of time.
Read Post

Episode 8 - Enterprise Nervous System: Using Network Signal to Direct Business Strategy

Feb 12, 2026 By Corelight In Corelight
In this episode of Corelight Defenders, I’m joined by Bernard Brantley, Chief Information Security Officer at Corelight, as we delve into the concept of the enterprise nervous system. Bernard shares insights from his extensive experience in network analysis, explaining how organizations can leverage their network traffic data to enhance security and drive business outcomes. We discuss the importance of understanding the interdependencies between assets, processes, and goals, and how security teams can position themselves as integral to business success rather than just risk mitigators.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.