Artificial Intelligence & Machine Learning
                                                    ,
                                                            Network Detection & Response
                                                    ,
                                                            Next-Generation Technologies & Secure Development
                                                                                                                                            
                    SaaS Enhancements Aim to Boost Network Detection, Response for Small Security Teams
                
Attackers are using generative AI to deploy sophisticated techniques previously limited to elite hackers such as living off the land or lateral movement, said Corelight CEO Brian Dye.
See Also: Delivering ROI on AI: How AI transforms customer support efficiency
The San Francisco-based network detection and response provider has used gen AI for natural language translation of alerts, enabling analysts to understand security events even if they’re not experts in the underlying technologies, Dye said. Corelight also offers payload summarization and investigation guidance, helping junior analysts act with the confidence and efficiency of more seasoned professionals (see: Corelight’s Brian Dye on NDR’s Role in Defeating Ransomware).
“Even we think about some of our customers’ biggest problems like living off the land and lateral movement, those used to be just the purview of very, very elite attackers,” Dye said. “But now, the Gen AI tools are letting them actually democratize those techniques to the mid-tier attackers far, far faster than we would have seen historically.”
In this video interview with Information Security Media Group, Dye also discussed:
- Adding endpoint and vulnerability context to network telemetry;
- Use of YARA for static file analysis and broader detection coverage;
- Financial services: regulatory complexity and Gen AI customization.
Dye has deep leadership experience across infrastructure security, information security, cloud security services and security management. He joined Corelight in 2018 from McAfee, where he was executive vice president of the Corporate Products Group, leading the global corporate security product portfolio. Prior to that, he led the Mobile Platforms Group at Citrix and spent more than a decade at Symantec.

