CONTACT US
CONTACT US

START HERE

Why Open NDR

 

WHY CORELIGHT

Evidence-based security

Detections & analytics

Faster investigation

Complete visibility

    SOLUTIONS

    Cloud security

    Encrypted traffic

    Federal

    Financial services

    Ransomware

    Threat hunting

     

    CORELIGHT LABS

    Recent research

    Mission and team

    Polaris program

      STRATEGIC PARTNERS

      Overview

      CrowdStrike

      Google Cloud

      Microsoft

      Splunk

      Elastic
        Download our free guide to find hidden attackers.

        Find hidden attackers with Open NDR

        SEE HOW

        OVERVIEW

        Open NDR Platform

        Analytics & detections

        MITRE ATT&CK®

         

        PLATFORM CAPABILITIES

        Triage with Investigator

        Network Monitoring with Zeek®

        Intrusion Detection with Suricata®

        Static File Analysis with YARA

        Forensics with Smart PCAP

          SENSORS

          Appliances

          Cloud

          Software

          Virtual

          Fleet Manager

          View all products

            SERVICES

            Training

             

            ALLIANCES

            CrowdStrike

            Google Cloud

            Microsoft

            Splunk

            Elastic

            View all

             

            USE CASES

            Case Studies

            View all
              volt-typhoon-warning

              Detect advanced attacks with Corelight

              SEE HOW

              TECHNOLOGY INTEGRATIONS

              Partner ecosystem

              Technology partners directory

               

                FOR PARTNERS

                Deal registration

                Become a Channel Partner

                Partner Academy sign up

                Alliance Academy sign up
                  cloud-network

                  Corelight announces cloud enrichment for AWS, GCP, and Azure

                  READ MORE

                  partner-icon-green

                  Corelight's partner program

                  BECOME A PARTNER

                  BLOG

                  Read the latest

                   

                  EVENTS

                  Meet with us

                   

                  RESOURCE CENTER

                  Document Library

                    GLOSSARY

                    NDR (Network Detection & Response)

                    NDR vs. XDR vs. EDR

                    Cloud Security Solutions

                    Intrusion Detection System (IDS)

                    Packet Capture (PCAP)

                    Signature-Based Detection

                    IDS False Positive

                    View all glossary
                        glossary-icon

                        10 Considerations for Implementing an XDR Strategy

                        READ NOW

                        ad-images-nav_0006_Blog

                        Don't trust. Verify with evidence

                        READ BLOG

                        ABOUT US

                        About Corelight

                        Leadership

                        Investors

                          JOIN US

                          Careers

                          Current openings

                            NEWS & EVENTS

                            Newsroom

                            Media coverage

                            Events
                              video

                              The Power of Open-Source Tools for Network Detection and Response

                              WATCH THE WEBCAST

                              ad-nav-ESG

                              The Evolving Role of NDR

                              DOWNLOAD THE REPORT

                              SUPPORT SERVICES

                              Open a ticket

                              Account login

                              Technical bulletins

                              Report a security vulnerability

                                WORLD-CLASS SUPPORT

                                Support overview
                                    ad-images-nav_0006_Blog

                                    Detecting 5 Current APTs without heavy lifting

                                    READ BLOG

                                    g2-medal-best-support-spring-2024

                                    Network Detection and Response

                                    SUPPORT OVERVIEW

                                     

                                    Corelight Bright Ideas Blog

                                    Vince Stoffer

                                    It’s Typhoon Season: Attackers are deliberately evading EDR. What can you do about it?

                                    By Vince Stoffer – December 6, 2024

                                    Introduction Over the past year, several sophisticated cyber-espionage campaigns have grabbed the attention of our industry and challenged defenders and vendors alike with advanced tactics, techniques, and procedures (TTPs). One of the most visible... Read more »

                                    Feed me!

                                    By Vince Stoffer – September 25, 2024

                                    Corelight has strengthened the Suricata integration within its Open NDR Platform, empowering customers with a custom ruleset, the Corelight Feed, designed to swiftly detect and help respond to emerging threats. With a new monthly update cycle,... Read more »

                                    How Corelight Uses AI to Empower SOC Teams

                                    How Corelight Uses AI to Empower SOC Teams

                                    By Vince Stoffer – November 15, 2023

                                    The explosion of interest in artificial intelligence (AI) and specifically large language models (LLMs) has recently taken the world by storm. The duality of the power and risks that this technology holds is especially pertinent to cybersecurity. On... Read more »

                                    Extending visibility through our new ICS/OT collection

                                    By Vince Stoffer – June 21, 2023

                                    Increasingly, security teams are tasked with identifying, understanding, and managing risk around devices that may live outside the traditional IT umbrella. Operational Technology (OT) refers to computing systems that are used to manage and process... Read more »

                                    Expand visibility around authentication and application anomalies with Corelight’s new LDAP analyzer

                                    By Vince Stoffer – March 20, 2023

                                    Comprehensive visibility into network protocols is a hallmark of Zeek (and therefore Corelight) data. That's why we are very happy to announce that with our v27.2 release we are supporting a new analyzer for the LDAP protocol. You likely know LDAP... Read more »

                                    Corelight launches the Entity Collection

                                    Corelight launches the Entity Collection

                                    By Vince Stoffer – December 13, 2022

                                    Corelight Labs, our amazing research team, has been hard at work on another content collection which we are excited to introduce: the Corelight Entity Collection. Read more »

                                    VPNs are increasingly common - how much can you see?

                                    By Vince Stoffer – March 24, 2022

                                    New VPN Insights package shines the light on a growing blindspot VPN tunnels are like shipping containers in that they are widely used (especially as the pandemic has moved more of the workforce to remote work), and they can be used to carry traffic... Read more »

                                    Introducing the C2 Collection and RDP inferences

                                    By Vince Stoffer – May 17, 2021

                                    We’re excited to announce that the Command and Control (C2) Collection is now available with today’s launch of version 21 of the Corelight software. One of the most important ways that defenders can quickly identify and contain a security incident... Read more »

                                    Translating query into action

                                    By Vince Stoffer – March 14, 2021

                                    One of the most important aspects of threat hunting is having a place to start. A question, a theory, or a hunch often begins the hunt. Where you end up may not be where you first intended, but a good hunt will always reveal new information about... Read more »

                                    The light shines even brighter: Updates to Corelight’s Encrypted Traffic Collection

                                    By Vince Stoffer – June 15, 2020

                                    With Corelight’s latest software release, v19, we are excited to announce the expansion of our Encrypted Traffic Collection (ETC). The ETC was introduced in late 2019, but as a reminder it’s a collection of security insights around SSL/TLS and SSH... Read more »

                                    Recent Posts

                                    Rss Square Streamline Icon: https://streamlinehq.com

                                    1080x1080_GartnerReport