
It all comes down to the data: unlocking the potential of AI in the SOC

This is a fascinating moment. Whether you think Generative AI is over-hyped or not, our technology landscape has been shocked by capabilities we couldn’t imagine a few years ago. And I do mean shocked. What’s underway is too rapid and uncanny to describe in terms of evolution. We are living through something different.

Detecting EDR Evasion with Corelight Open NDR

This video walks through how Corelight Open NDR helps security teams detect EDR evasion by delivering complete visibility across all network assets. Using a real-world scenario, the video demonstrates how anomaly detection uncovers suspicious activity, mapping events directly to MITRE ATT&CK techniques. The investigation process highlights the detection of an anomalous user agent, which ultimately reveals a Linux privilege escalation toolkit.

Hunting GTPDOOR: The case of the "Black Hat Positive"

Ben Reardon, Lead Researcher, Corelight Labs / NOC crew

I'm a researcher on the Labs team at Corelight and, for me, working in the Black Hat Network Operations Center (NOC) at the USA show in Las Vegas is up there as one of the most interesting and intense activities on the calendar.

The Network Detection & Response (NDR) platform trusted by top cybersecurity teams

Proven in the world’s most demanding environments, Corelight’s Open NDR Platform illuminates network blind spots and uncovers hidden threats to disrupt attacks before they escalate. Get unified visibility, multi-layered AI-driven threat detections, AI-powered triage workflows, and industry-leading forensic capabilities in one unified platform. Elite defense, now within reach of the enterprise.

Unveiling Intrusions: Corelight NDR and CrowdStrike EDR in Action

Adversaries are deliberately attacking devices that are difficult to monitor with EDR. In this video, you’ll see how you can use Corelight’s Network Detection & Response (NDR) inside of CrowdStrike Falcon to paint the full picture of an intrusion. NDR gives defenders the visibility they need to find intrusions on unmanaged devices of any type.

How NDR contributes to visibility and security in the cloud

Join Youssef Agharmine, the technical security expert from Corelight, for a live webinar focusing on how to extend visibility and identify attacks during the transition to cloud infrastructure. What you’ll learn: This will be a technical presentation—we’ll be demoing Corelight in the cloud!

How To Threat Hunt in Encrypted Network Traffic

Threat hunters need evidence to find adversaries. Networks offer a broad and reliable source of evidence, helping hunters make sense of movement across their environment via an immutable record of activity. Traffic, unlike endpoints, cannot lie. But the rise of encryption complicates this picture, especially where decryption isn't an optimal or possible solution.