Black Hat Asia 2026: Everything from cat feeders to solar farms

There is a saying you will hear from veterans in the Black Hat Network Operations Center (NOC): “Threat hunting on the Black Hat network is like trying to find a needle in a stack of needles.” With dozens of training classes running live exploit chains, capture-the-flag traffic, and researchers probing every corner of the internet, our Corelight sensors generate a rich set of Zeek logs, many of which can look suspicious in varying degrees.

The North Korean IT worker scam: Defending against the modern insider threat

The threat is coming from inside the organization. It is coming from a laptop farm three states over, routed through a proxy, and operated by a threat actor sitting on the other side of the globe. We are witnessing a massive shift in how adversaries breach organizations. They no longer need to spend weeks probing your external firewalls or crafting the perfect zero-day exploit. Instead, they simply update their resumes, pass your interview process, and your IT department ships them a corporate device.

Episode 16 - Beyond the Black Box: Solving Data Overload with Agentic Triage

In this episode, host Richard Bejtlich sits down with Dave Getman to discuss the evolution of Corelight Investigator and the paradigm shift from delivering raw sensor data to providing agentic triage. They explore how AI can synthesize millions of log lines into concise, actionable determinations—categorizing activity as malicious or benign—while maintaining transparency by "bringing the receipts" of raw evidence. Dave explains why the security pendulum is swinging back toward network detection to counter sophisticated EDR evasion and shares a roadmap for the future of auto-containment.

Identity in the SOC: Why network visibility still matters in the age of the identity perimeter

Long gone are the days when a username was all you needed to secure a network. The same is true for your Security Operations Center (SOC) analysts trying to investigate a threat. "Who is jdoe05 and why are they logging into this server?" is a critical question to answer during an investigation, one that neither NDR (Network Detection and Response) nor EDR (Endpoint Detection and Response) can answer directly. Enter the Identity Provider (IdP).

Provably better data

Every security vendor says their data is better. Corelight decided to test that claim directly. Using real nation-state attack scenarios, including Salt Typhoon-related activity, the same AI model was evaluated against multiple security data sources to measure investigation accuracy, threat visibility, and incident response coverage. The only variable was the data.

Bridging the gap: How Corelight and CrowdStrike Charlotte AI are redefining SOC investigations

For years, SOC analysts have lived in a world of swivel-chair analysis. When an alert fires in an endpoint tool, the next step is almost always a manual pivot to a network console to see if the network reality matches the host behavior. This manual back-and-forth isn't just tiring; it’s a window of opportunity for attackers. Corelight is excited to highlight a new integration with CrowdStrike Charlotte AI.

Corelight brings unique network data into Cisco Cloud Control

Corelight, a leader in fueling the AI SOC, today announced that it is providing industry-leading data to power AI investigations of emerging threats through an integration of Corelight Open NDR into Cloud Control Studio. Cloud Control Studio is the design space within Cisco Cloud Control, Cisco’s unified platform for agentic IT operations, where customers can build AI agents and connect them to non-Cisco tools.