Corelight Unveils Corelight Labs, a Hub for Research and Innovation
Corelight, provider of the industry’s leading open network detection and response (NDR) platform, has launched Corelight Labs, a research team within the company dedicated to providing cutting-edge content that enables complete, detailed monitoring of enterprise network activity for threat hunting, analysis, and response. Under the leadership of Dr. Vern Paxson, co-founder and chief scientist at Corelight, the team is comprised of security researchers with decades of collective experience in academia and security research roles at some of the world’s leading consumer brands, enterprises, government agencies and universities.
Joining the Corelight Labs team of security researchers is a group of seasoned data scientists, artificial intelligence and security operations experts from PatternEx, a key vendor in the AI-for-security-operations space, following Corelight’s acquisition of the company last year.
“It has been a privilege to attract some of the brightest minds in network security and data science to Corelight and to bring them together as our core research team,” said Paxson. “The experience and excellence they bring to the problems we tackle makes it exhilarating to lead them. This shows in the sophistication of the content collections the team produces, as well as in their ability to quickly respond to recent security exploits, such as the PetitPotam and OMIGOD incidents.”
Corelight Labs research fuels innovation for new insights and capabilities that help to power the Corelight Sensor portfolio. “The expertise this team brings to the table has led to collections of data insights that empower Corelight’s customers to effectively counter the latest threats,” added Paxson.
Corelight Labs contributions to the Corelight Sensor portfolio include:
- Corelight C2 Collection: helps customers find command-and-control activity with over 50 unique insights and detections. This collection covers both known C2 toolkits and MITRE ATT&CK C2 techniques to find new attacks.
- Corelight Encrypted Traffic Collection: offers dozens of novel insights into SSL, SSH, and RDP connections, along with encrypted-traffic insights from the Zeek community such as JA3, all without decryption.
- Corelight Core Collection: combines proprietary Corelight packages that help sensors scale in high-throughput environments, along with curated insights developed by the Zeek community.