Corelight introduces GenAI Accelerator Pack for SOCs

Corelight introduced its Generative AI (GenAI) Accelerator Pack, featuring a Model Context Protocol (MCP) Server and various promptbooks, designed to enhance workflows in Security Operations Centers (SOCs). This initiative supports the integration of large language models (LLMs) into existing security frameworks, aiming to improve alert triage efficiency across multiple platforms.

The private preview of the GenAI Accelerator Pack coincided with the Black Hat conference held in Las Vegas from August 2-7, where Corelight served as the exclusive provider of Network Detection and Response (NDR) solutions. This pack combines standard network evidence with advanced analytic capabilities, facilitating inquiries and responses to security incidents.

Corelight's GenAI offerings build on its established leadership in NDR, which includes integrated workflow automation and partnerships for LLM co-development. The introduction of the MCP Server allows analysts to utilize Natural Language Processing (NLP) for data retrieval from various Security Information and Event Management (SIEM) systems. According to Corelight's Chief Strategy Officer Greg Bell, this approach enhances SOC capabilities while maintaining transparency and independence in its architecture.

The GenAI Accelerator Pack extends the utilities of Corelight's existing tools, now accessible to sensor-only customers, providing them with robust workflow automation. These resources enable security practitioners to streamline the analysis of network alerts from Corelight and other security sources, thereby improving overall operational capabilities.