Corelight Recognized as a Leader in the 2025 Gartner Magic Quadrant for Network Detection and Response

Network Detection and Response (NDR) has emerged as a must-have capability of modern security operations (SecOps). NDR provides deep visibility, detection of advanced threats that evade other security tools, and rapid response capabilities to address the SecOps challenges of incomplete visibility, detection gaps, high SIEM and storage costs, and tool sprawl that impact accuracy, speed, and efficiency.

How to Threat Hunt for Volt Typhoon Using NDR

Whether they use custom implants for persistence, zero days for initial access, or live off the land (LOTL) to avoid detection, finding a state-sponsored adversary group can be a challenging proposition for defenders. This can be particularly true for adversaries that are sponsored by the People’s Republic of China (PRC). Historically, their focus has been on espionage and intellectual property theft.

Edge exploits, EDR blind spots, 51-second breakouts

For every advancement in defense, attackers supply the equal and opposite adaptation. In the last few years EDRs have become so effective that adversaries have radically shifted gears. That shift shows up unmistakably in three heavyweight reports—Verizon’s DBIR, Mandiant’s M-Trends, and CrowdStrike’s Global Threat Report. Here’s how I’m stitching their data together.

Cloud your way: Expanding threat visibility to meet the unique needs of your business

Let’s face it: The cloud has become the go-to platform for modern infrastructure—and for good reason. Scalability, flexibility, and speed are hard to beat. But as organizations increasingly rely on the cloud to run their critical operations, the threat landscape is evolving just as fast. And attackers? They’re getting smarter, stealthier, and more cloud-savvy by the day. That’s why monitoring cloud network traffic is no longer optional—it’s essential.

Your Network Evidence, Your SIEM, your way: Corelight's open SIEM strategy empowers SOCs with a unified experience

Security operations centers (SOCs) are under constant pressure to keep their organizations secure, while battling alert fatigue, tool sprawl, and ever-rising demands for speed and precision. Analysts today face an overwhelming landscape where context is thin, telemetry is inconsistent, and critical signals are buried in noise. At Corelight, we’re focused on one simple idea: Your network evidence should work wherever your SOC team does.

Corelight's Vincent Stoffer on Why Enterprises Can't Rely Only on Endpoint Security

The cybersecurity industry's heavy reliance on endpoint detection and response tools has created significant vulnerabilities, particularly around IoT devices and operational technology that cannot be monitored using traditional security tools, according to Vincent Stoffer, field CTO at Corelight. This growing attack surface, combined with sophisticated threat actors who exploit any available entry point, has pushed organizations to reevaluate their security strategies and consider more comprehensive network monitoring approaches.

How Corelight's anomaly detection enhances network security

Signature-based detections provide fast, effective defense against known attacks. But the threat landscape is changing rapidly: Attackers are using novel, sophisticated techniques that bypass traditional, signature-based detection, and they are also weaponizing legitimate tools and processes to evade established detection tools, including endpoint detection. In this dynamic environment, organizations must in turn deploy new detection techniques to keep pace.

Leveraging map-reduce and LLMs for enhanced cybersecurity network detection

In my security research role at Corelight, I often have to go through large, complex data sets to detect subtle anomalies and threats. It reminds me of a famous quote by Abraham Lincoln: Give me six hours to chop down a tree and I will spend the first four sharpening the axe. For me, that means investing time up front to build tools that allow a large language model (LLM) to do the heavy lifting on key tasks, namely those that teams of analysts would have handled in the past.