Find hidden attackers with Open NDR
Detect advanced attacks with Corelight
Corelight announces cloud enrichment for AWS, GCP, and Azure
Corelight's partner program
10 Considerations for Implementing an XDR Strategy
Don't trust. Verify with evidence
2025 Gartner® Magic Quadrant™ for NDR
Detecting 5 Current APTs without heavy lifting
Network Detection and Response
We’re thrilled to announce that Corelight has been ranked a Leader and Outperformer in the 2025 GigaOm Radar for Network Detection and Response (NDR) Solutions. NDR solutions are essential for continuous real-time monitoring and analysis of network traffic. Corelight's Open NDR excels at detecting known and unknown threats across on-premises, cloud, and hybrid environments, leveraging cutting-edge technologies such as artificial intelligence, machine learning, and behavioral analytics.
What sets Corelight apart?
The GigaOm Radar evaluates vendors based on several criteria, including technical capabilities and business impact. Corelight's strengths in the Innovation/Platform Play quadrant of the NDR Radar are reflected in several key capabilities:
- Deep Packet Inspection: Corelight Open NDR utilizes Zeek and Suricata to transform raw packet data into structured network evidence, exposing subtle indicators of compromise such as command-and-control channels.
- Encrypted Traffic Analysis: Employs JA3 and JA3S TLS fingerprinting to detect encrypted threats without decryption, with integration options for selective decryption through partner products.
- Historical Forensics: Innovative SmartPCAP technology captures investigation-relevant packets for extended forensic windows, supporting up to seven years of historical data storage and fast querying.
Seamless NDR Adoption with Corelight
Corelight's Open NDR Platform offers a flexible, usage-based licensing model to ensure cost-effectiveness by charging based on the throughput of analyzed network traffic, filtering out unnecessary flows such as video or bulk backups. This method guarantees that customers pay only for the data crucial to their analysis, with costs aggregated across their entire infrastructure, whether on-premises or in the cloud, at any global location.
The Open NDR Platform provides deployment flexibility through standalone hardware sensors, virtual sensors, or cloud-based environments, along with robust integration capabilities with existing security tools. Corelight's customers have also observed 99:1 data reduction without compromising fidelity, making the platform suitable for a wide range of use cases.
Why is this recognition significant?
The report is a valuable resource for organizations looking to strengthen their security posture. Corelight's recent innovations include -
- AI integration for SOC workflows, providing guidance on triage, investigation, and remediation
- Enhanced threat detection and forensic capabilities with real-time static file analysis using YARA, community-sourced intelligence, and advanced machine learning models
- Enrichment of network evidence with threat intelligence feeds and security data from other tools like EDR.
Corelight continues to innovate, expand, and redefine what’s possible in network threat detection. Want to see what makes us a GigaOm leader? Check out the full report and discover how Corelight can transform your security strategy today.