Corelight expands its GenAI dominance in Network Detection and Response (NDR) with the introduction of a new MCP Server and predefined prompt playbooks designed to expedite alert triage and resolution.
San Francisco-based Corelight, a global leader in transforming network and cloud activity into evidence for security teams, has announced the private preview of its GenAI Accelerator Pack. This innovative solution is designed to accelerate and enhance Security Operations Center (SOC) workflows by combining industry-standard network evidence with the power of large language models (LLMs).
The GenAI Accelerator Pack offers several key features, including the industry's first Model Context Protocol (MCP) Server, Analyst Assistant Promptbooks, and Investigation Promptbooks. These tools provide semantic access to standard network data and alerts for AI-driven analysis across multiple SOC platforms and LLMs.
Empowering SOC Workflows Across Platforms
The GenAI Accelerator Pack aims to streamline SOC operations by:
- Offering native semantic access to industry-standard network evidence, making it easier to integrate with various SIEM (Security Information and Event Management) and SOC platforms.
- Fueling GenAI-powered workflows that expedite alert triage, automate investigations, and support analysts with AI-driven insights.
- Supporting flexible analyst activities through deep integrations and prompt content designed to work with various large language models and security platforms.
- Enabling faster and more effective threat detection and response by combining AI/ML detections from Corelight's multi-layered detection engine with GenAI to guide and speed up investigations.
- Powering the AI-enabled or "agentic" SOC, facilitating collaboration between AI agents and human analysts for improved security outcomes.
Accessing the GenAI Accelerator Pack
Access to the Corelight GenAI Accelerator Pack can be granted by engaging with Corelight's account teams. The private preview is currently available to existing Corelight customers.
Corelight's headquarters are located in San Francisco, and the company was founded by the creators of Zeek®, a widely used network security technology. Corelight is the sole provider of NDR capabilities in the Black Hat Network Operations Center (NOC) and can be followed on Twitter @corelight_inc.
For more information about the GenAI Accelerator Pack and Corelight's latest release in its AI journey, visit https://corelight.com/blog/llm-prompts-for-network-security. The GenAI Accelerator Pack will be live in the Black Hat NOC during the conference in Las Vegas, Aug. 2-7.
- The GenAI Accelerator Pack, a groundbreaking solution by Corelight, is designed to boost Security Operations Center (SOC) workflows by integrating industry-standard network evidence with artificial intelligence (AI), especially large language models (LLMs), thereby empowering data and cloud computing security teams.
- To access the GenAI Accelerator Pack's private preview, one needs to connect with Corelight's account teams, with the option currently available only for existing Corelight customers.
- By adopting the GenAI Accelerator Pack, users can advance their cloud security by streamlining operations through various SIEM and SOC platforms, combining AI/ML detections from Corelight's multi-layered detection engine, and leveraging AI-powered collaborations between agents and human analysts for improved cybersecurity outcomes.