“There is an open approach that is currently rippling across the infosec industry that could give defenders the acceleration they need.” - John Lambert (Distinguished Engineer, Microsoft) By Greg Bell, CEO of Corelight I love this quote. I ... Read more »
SOC
Corelight Splunk App update: New dashboard and data
By Roger Cheeks, US-East Sales Engineer, Corelight In support of Corelight's latest software release, v19, we are pleased to launch our newest installment of the Corelight App for Splunk (Corelight App) and the Corelight Technical Add-on ... Read more »
Zeek & Sigma: Fully compatible for cross-SIEM detections
By Alex Kirk, Corelight Global Principal for Suricata Corelight recently teamed up with SOC Prime, creators of advanced cyber analytics platforms, to add support for the entire Zeek data set into Sigma, the only generic signature language that ... Read more »
New Corelight app for Splunk: Making network-based threat hunting easier
By Ed Smith, Senior Product Marketing Manager, Corelight Want to use Zeek (formerly Bro) network data in Splunk ES, but don’t know how to start or where to look? Need to quickly narrow down Zeek logs from a mountain, to a hill, to a h ... Read more »
The Elephant in the SIEM War Room
By Brian Dye, Chief Product Officer, Corelight Last week’s RSA announcements included a pair of new entrants in to the SIEM space, Google Chronicle’s Backstory and Microsoft’s Azure Sentinel. While the entry of larger players in ... Read more »