Corelight quickly makes sense of encrypted traffic without decryption. The Encrypted Traffic Collection allows security analysts to fingerprint SSL & SSH connections, monitor soon-to-expire certificates, detect SSH client brute force attacks, and much more.

Download specifications
Select product
fleet manager auth

Corelight Fleet Manager

Fleet Manager streamlines the deployment, configuration, and administration of Corelight Sensors across an organization. A single management dashboard gives you RBAC, customizable configuration templates, and sensor health and performance monitoring.

Download specifications

Perfectly balanced network visibility

a screenshot of log rates graph

100x richer than Netflow / 100x smaller than PCAP / 50+ data types and protocols.

Corelight’s logs are the “Goldilocks” of network data: 100x richer than Netflow and 100x times smaller than PCAP. Covering 50+ data types and protocols and interlinked for lightning-fast search, these logs offer just the right amount of data for security tools and operators. Corelight’s fork, filter, and log data reduction features make it easy to manage log volumes for your SIEM without sacrificing critical network visibility.

Core Collection packages

Corelight Sensors come preloaded with the Core Collection—a curated set of Zeek / Bro packages for detection, data enrichment, and operations.

The Core Collection delivers actionable insights like cryptomining and port scanning detections. It also offers operational controls like tuning log export volumes to manage SIEM costs.

bitcoin fingerprint depiction of data transfer

November 19, 2019

Corelight Expands Threat Hunting Capabilities with New Encrypted Traffic Insights

Read press release.

Corelight Raises $50 Million Series C Led by Insight Partners and Accel

grey right arrow

Corelight Expands Executive Team with New Vice President of Engineering and Vice President of People

grey right arrow

Carahsoft Expands Availability of Network Security Solutions With Addition of Corelight to GSA Schedule and CDM Tools SIN

grey right arrow

Corelight Launches New Corelight Cloud Sensor for Amazon Web Services, Ingests Traffic via New Amazon Virtual Private Cloud Traffic Mirroring

grey right arrow

Corelight Enhances Detection Capability with Support for MITRE ATT&CK Package

grey right arrow

Corelight Launches Corelight Fleet Manager for Seamless, Multi-Sensor Support and Administration for Enterprises with Large Deployments

grey right arrow

ComputerWeekly: Alleged state hackers adapting to cover their tracks, says NCSC

grey right arrow

SVBJ: The Funded: 6 Bay Area startups raise over $270M at week's end

grey right arrow

Axios: Venture Capital Deals

grey right arrow

Pitchbook: Corelight shines with $50 million

grey right arrow

Business Computing World UK: Corelight raises $50m for network traffic analysis in the cloud

grey right arrow

Fortune: Term Sheet - Venture Deals

grey right arrow

Splunk .conf19

October 21–24, 2019
Las Vegas, NV

Talk security with our team at Splunk .conf19.

Event details