April 30, 2024 by Brian Dye
The big idea behind Corelight has always been simple: ground truth is priceless. What really happened, both now and looking back in time. Whether it is used to detect attacks, investigate routine alerts, respond to new vulnerabilities or a full-scale incident response, the constant is that ground truth makes everything in security better.
We have no claim of authorship here. By contrast, we learn from the world’s most accomplished defenders through their use of Zeek® and Suricata®. We learn what data they need, what detections they build, what workflows they automate. We take that insight and build products to democratize those design patterns.
In doing so, we realized that the ground truth we provide amplifies the power of the biggest trends in technology today. Attackers have no choice but to traverse networks, creating a unique source of insight for defenders to exploit when finding and disrupting advanced threats - in the cloud, on premises, in remote offices, for industrial controls and beyond. That evidence in turn is the critical ingredient for AI in security, amplifying the impact of machine learning and multiplying the power of large language models for workflow automation. There are incredible innovations in both those fields, but they need great data to shine.
Today’s announcement is an endorsement of both our strategy and opportunity. Our partnership with Accel ensures we can continue to innovate and earn growth. Our work with CrowdStrike continues to benefit our mutual customers across incident response, managed services and Next Generation SIEM. I am excited to deepen our work with Cisco across hybrid multi-cloud environments and by accelerating security operations within Splunk. We are committed to being open, so that Corelight’s ground truth can improve security results not just in our own products but in whatever technology stack the organization chooses. The fact that so many leading incident response teams and top cybersecurity companies have chosen Corelight proves the value of that open approach. When they invest, it’s an even more meaningful statement.
To our customers, who include some of the most elite defenders in the world, thank you for your partnership. We will use this investment to continue to innovate for you. Making the best data in the business even better. Expanding detection coverage, in both breadth and depth. Accelerating security workflows, both in our own technology and in your SIEM of choice. Fostering an LLM ecosystem that supports the direction you choose. My only ask is to keep challenging us to deliver what you need to disrupt advanced attacks.
To our communities, thank you for your insight and support. We are committed to open source - supporting the Zeek and Suricata projects (as well as others) in time, talent and dollars. What we continue to learn from you drives meaningful results for defenders across the globe.
To my fellow Corelighters, thank you for your tireless service to our customers, communities and each other. We can only deliver at the highest level by continuing to evolve what we do every day, and I see you living that mantra. Stay curious and keep packing parachutes for each other as we build this business together.
I view these investments not as a victory but as an obligation. A promise made, that we must keep. Our job, our opportunity, our mission is to fuel security AI for every defender. Not just through our products, but through our technology partners. So every security team has ground truth, in a way that works for them.
If you’d like to learn more, reach out. We’d love to talk to you.
Tagged With: network detection response, NDR, SOC, Cisco, Accel, funding, Crowdstrike, featured, AI