Read the Gartner® Competitive Landscape: Network Detection and Response Report

GET THE REPORT >

Read the Gartner® Competitive Landscape: Network Detection and Response Report

GET THE REPORT >
CONTACT US
CONTACT US

START HERE

Why Open NDR

 

WHY CORELIGHT

Evidence-based security

Detections & analytics

Faster investigation

Complete visibility

    SOLUTIONS

    Cloud security

    Encrypted traffic

    Federal

    Financial services

    Ransomware

    Threat hunting

     

    CORELIGHT LABS

    Recent research

    Mission and team

    Polaris program

      STRATEGIC PARTNERS

      Overview

      CrowdStrike

      Google Cloud

      Microsoft

      Splunk

      Elastic
        Download our free guide to find hidden attackers.

        Find hidden attackers with Open NDR

        SEE HOW

        OVERVIEW

        Open NDR Platform

        Analytics & detections

        MITRE ATT&CK®

         

        PLATFORM CAPABILITIES

        Triage with Investigator

        Network Monitoring with Zeek®

        Intrusion Detection with Suricata®

        Static File Analysis with YARA

        Forensics with Smart PCAP

          SENSORS

          Appliances

          Cloud

          Software

          Virtual

          Fleet Manager

          View all products

            SERVICES

            Training

             

            ALLIANCES

            CrowdStrike

            Google Cloud

            Microsoft

            Splunk

            Elastic

            View all

             

            USE CASES

            Case Studies

            View all
              volt-typhoon-warning

              Detect advanced attacks with Corelight

              SEE HOW

              TECHNOLOGY INTEGRATIONS

              Partner ecosystem

              Technology partners directory

               

                FOR PARTNERS

                Deal registration

                Become a Channel Partner

                Partner Academy sign up

                Alliance Academy sign up
                  cloud-network

                  Corelight announces cloud enrichment for AWS, GCP, and Azure

                  READ MORE

                  partner-icon-green

                  Corelight's partner program

                  BECOME A PARTNER

                  BLOG

                  Read the latest

                   

                  EVENTS

                  Meet with us

                   

                  RESOURCE CENTER

                  Document Library

                    GLOSSARY

                    NDR (Network Detection & Response)

                    NDR vs. XDR vs. EDR

                    Cloud Security Solutions

                    Intrusion Detection System (IDS)

                    Packet Capture (PCAP)

                    Signature-Based Detection

                    IDS False Positive

                    View all glossary
                        glossary-icon

                        10 Considerations for Implementing an XDR Strategy

                        READ NOW

                        ad-images-nav_0006_Blog

                        Don't trust. Verify with evidence

                        READ BLOG

                        ABOUT US

                        About Corelight

                        Leadership

                        Investors

                          JOIN US

                          Careers

                          Current openings

                            NEWS & EVENTS

                            Newsroom

                            Media coverage

                            Events
                              video

                              The Power of Open-Source Tools for Network Detection and Response

                              WATCH THE WEBCAST

                              ad-nav-ESG

                              The Evolving Role of NDR

                              DOWNLOAD THE REPORT

                              SUPPORT SERVICES

                              Open a ticket

                              Account login

                              Technical bulletins

                              Report a security vulnerability

                                WORLD-CLASS SUPPORT

                                Support overview
                                    ad-images-nav_0006_Blog

                                    Detecting 5 Current APTs without heavy lifting

                                    READ BLOG

                                    g2-medal-best-support-spring-2024

                                    Network Detection and Response

                                    SUPPORT OVERVIEW

                                     

                                    Corelight Bright Ideas Blog

                                    Featured Post

                                    May 19, 2025

                                    Hunting at Black Hat Asia 2025: There’s a First Time for Everything

                                    By Jason Wood

                                    Want to hunt at Black Hat Asia? It was January 2025 and it was a new year at a new job. I had just started at Corelight as a member of the TME team and received an invitation to work Black Hat Asia as a threat hunter in the Black Hat Network Operations Center (NOC). Read more »

                                    Additional Posts

                                    Hunting at Black Hat Asia 2025: There’s a First Time for Everything

                                    By Jason Wood – May 19, 2025

                                    Want to hunt at Black Hat Asia? It was January 2025 and it was a new year at a new job. I had just started at Corelight as a member of the TME team and received an invitation to work Black Hat Asia as a threat hunter in the Black Hat Network... Read more »

                                    Black Hat Asia 2025 NOC: Headfirst into the (Un)Known

                                    By Stan Kiefer – May 19, 2025

                                    I have been working in the cyber security space for over 25 years. I have spent time in security operations centers (SOCs) within the US Department of Defense, taught cyber warfare operators, secured large enterprise networks and, most recently,... Read more »

                                    Dispatch from Black Hat Asia 2025: To err is (still) human

                                    By Mark Overholser – May 19, 2025

                                    Black Hat Asia 2025 has come and gone, and it was another whirlwind of a conference. Thank you to our partners—Arista, Cisco, MyRepublic, and Palo Alto Networks—for making it a successful conference! It’s an exhilarating experience: sitting in the... Read more »

                                    How to threat hunt for Volt Typhoon using NDR

                                    By Jason Wood – May 12, 2025

                                    Whether they use custom implants for persistence, zero days for initial access, or live off the land (LOTL) to avoid detection, finding a state-sponsored adversary group can be a challenging proposition for defenders. This can be particularly true... Read more »

                                    Edge exploits, EDR blind spots, 51-second breakouts

                                    By Vijit Nair – April 30, 2025

                                    For every advancement in defense, attackers supply the equal and opposite adaptation. In the last few years EDRs have become so effective that adversaries have radically shifted gears. That shift shows up unmistakably in three heavyweight... Read more »

                                    Cloud your way: Expanding threat visibility to meet the unique needs of your business

                                    By Allen Marin – April 29, 2025

                                    Let’s face it: The cloud has become the go-to platform for modern infrastructure—and for good reason. Scalability, flexibility, and speed are hard to beat. But as organizations increasingly rely on the cloud to run their critical operations, the... Read more »

                                    Your network evidence, your SIEM, your way: Corelight’s open SIEM strategy empowers SOCs with a unified experience

                                    By Ricky Lin – April 25, 2025

                                    Security operations centers (SOCs) are under constant pressure to keep their organizations secure, while battling alert fatigue, tool sprawl, and ever-rising demands for speed and precision. Analysts today face an overwhelming landscape where... Read more »

                                    How Corelight's anomaly detection enhances network security

                                    By Cynthia Gonzalez – April 15, 2025

                                    Signature-based detections provide fast, effective defense against known attacks. But the threat landscape is rapidly changing: Attackers are utilizing novel, sophisticated techniques that can bypass traditional, signature-based detection methods... Read more »

                                    Leveraging map-reduce and LLMs for enhanced cybersecurity network detection

                                    By Keith J. Jones – March 25, 2025

                                    In my security research role at Corelight, I often have to go through large, complex data sets to detect subtle anomalies and threats. It reminds me of a famous quote by Abraham Lincoln: Read more »

                                    How metadata wrestled control of FINRA’s colossal data archiving requirements

                                    By Richard Chitamitre – March 7, 2025

                                    The financial industry is known for its rigorous and sometimes quirky data retention requirements that can challenge even the most seasoned security expert. Read more »

                                    Recent Posts

                                    Rss Square Streamline Icon: https://streamlinehq.com

                                    1080x1080_GartnerReport