Read the Gartner® Competitive Landscape: Network Detection and Response Report

GET THE REPORT >

Read the Gartner® Competitive Landscape: Network Detection and Response Report

GET THE REPORT >
CONTACT US
CONTACT US

START HERE

Why Open NDR

 

WHY CORELIGHT

Evidence-based security

Detections & analytics

Faster investigation

Complete visibility

    SOLUTIONS

    Cloud security

    Encrypted traffic

    Federal

    Ransomware

    Threat hunting

     

    CORELIGHT LABS

    Recent research

    Mission and team

    Polaris program

      STRATEGIC PARTNERS

      Overview

      Crowdstrike

      Google Cloud

      Microsoft

      Splunk

      Elastic
        forrester wave report 2023

        Close your ransomware case with Open NDR

        SEE HOW

        OVERVIEW

        Open NDR Platform

        Analytics & detections

        MITRE ATT&CK®

         

        PLATFORM CAPABILITIES

        Triage with Investigator

        Network Monitoring with Zeek®

        Intrusion Detection with Suricata®

        Static File Analysis with YARA

        Forensics with Smart PCAP

          SENSORS

          Appliances

          Cloud

          Software

          Virtual

          Fleet Manager

          View all products

            SERVICES

            Training

             

            ALLIANCES

            CrowdStrike

            Google Cloud

            Microsoft

            Splunk

            Elastic

            View all

             

            USE CASES

            Case Studies

            View all
              Download our free guide to find hidden attackers.

              Find hidden attackers with Open NDR

              SEE HOW

              TECHNOLOGY INTEGRATIONS

              Partner ecosystem

              Technology partners directory

               

                FOR PARTNERS

                Deal registration

                Become a Channel Partner

                Partner Academy sign up

                Alliance Academy sign up
                  cloud-network

                  Corelight announces cloud enrichment for AWS, GCP, and Azure

                  READ MORE

                  corelight partner programe guide

                  Corelight's partner program

                  VIEW PROGRAM

                  BLOG

                  Read the latest

                   

                  EVENTS

                  Meet with us

                   

                  RESOURCE CENTER

                  Document Library

                    GLOSSARY

                    NDR (Network Detection & Response)

                    NDR vs. XDR vs. EDR

                    Cloud Security Solutions

                    Intrusion Detection System (IDS)

                    Packet Capture (PCAP)

                    Signature-Based Detection

                    IDS False Positive
                        glossary-icon

                        10 Considerations for Implementing an XDR Strategy

                        READ NOW

                        ad-images-nav_0006_Blog

                        Don't trust. Verify with evidence

                        READ BLOG

                        ABOUT US

                        About Corelight

                        Leadership

                        Investors

                          JOIN US

                          Careers

                          Current openings

                            NEWS & EVENTS

                            Newsroom

                            Media coverage

                            Events
                              video

                              The Power of Open-Source Tools for Network Detection and Response

                              WATCH THE WEBCAST

                              ad-nav-ESG

                              The Evolving Role of NDR

                              DOWNLOAD THE REPORT

                              SUPPORT SERVICES

                              Open a ticket

                              Account login

                              Technical bulletins

                              Report a security vulnerability

                                WORLD-CLASS SUPPORT

                                Support overview
                                    ad-images-nav_0006_Blog

                                    Detecting 5 Current APTs without heavy lifting

                                    READ BLOG

                                    g2-medal-best-support-spring-2024

                                    Network Detection and Response

                                    SUPPORT OVERVIEW

                                     

                                    Corelight Bright Ideas Blog

                                    Featured Post

                                    January 28, 2025

                                    Thrown in the deep end: My first time hunting in the Black Hat NOC

                                    By Matt Ellison

                                    If you have even a passing interest in cybersecurity, you no doubt have heard of Black Hat, the eponymously named conference that launched in 1997 in Las Vegas. Nearly 30 years later Black Hat is a global phenomenon that bears little resemblance to its humble, hacker-led origins. And yet, the core idea of giving security teams insights into the... Read more »

                                    Additional Posts

                                    New Sliver C2 Detection Released - Redteam detected

                                    By Corelight Labs Team – May 4, 2023

                                    We are excited to announce the release of a new detection package “Sliver”, which identifies and raises alerts related to the Sliver C2 framework. This new package joins our industrial-strength C2 Collection and uses a variety of techniques to... Read more »

                                    How SOCs can level up their PCAP game with Smart PCAP

                                    By Roger Cheeks – May 3, 2023

                                    This blog post is the first in a 2 part series on Corelight Smart PCAP. Tune in next week for part two where we’ll take a deep dive look at Corelight’s PCAP functionality and workflows that accelerate security investigations. Read more »

                                    Corelight Open NDR Now Helps Defend Black Hat Events

                                    By John Gamble – April 18, 2023

                                    Read more »

                                    Expand visibility around authentication and application anomalies with Corelight’s new LDAP analyzer

                                    By Vince Stoffer – March 20, 2023

                                    Comprehensive visibility into network protocols is a hallmark of Zeek (and therefore Corelight) data. That's why we are very happy to announce that with our v27.2 release we are supporting a new analyzer for the LDAP protocol. You likely know LDAP... Read more »

                                    Corelight Investigator introduces new Machine Learning Models

                                    By Sara Shuman – January 31, 2023

                                    Corelight Investigator furthers its commitment to delivering next-level analytics through the expansion of its machine learning models. Security teams are now enabled with additional supervised and deep learning models, including: Read more »

                                    Corelight for the everywhere cloud

                                    By Ed Amoroso, founder and CEO of TAG Cyber (guest) – January 17, 2023

                                    Editor's note: This is the first in five-part series authored by Ed Amoroso, founder and CEO of TAG Cyber, which will focuses on how the Corelight platform reduces network security risks to the so-called Everywhere Cloud (EC). Such security... Read more »

                                    Corelight launches the Entity Collection

                                    Corelight launches the Entity Collection

                                    By Vince Stoffer – December 13, 2022

                                    Corelight Labs, our amazing research team, has been hard at work on another content collection which we are excited to introduce: the Corelight Entity Collection. Read more »

                                    Replace IDS and extend entity visibility

                                    Replace IDS and extend entity visibility

                                    By John Gamble – December 8, 2022

                                    Today, as a part of our v27 software release, we are launching enhanced IDS rules management functionality, extending analyst visibility around hosts, devices, users, and more, and upgrading the Corelight Software Sensor to give customers more NDR... Read more »

                                    Zeek on Windows

                                    By Tim Wojtulewicz – December 5, 2022

                                    Editor's note: This post was originally published on the Zeek.org blog on Nov. 28, 2022. Reposted here in full with permission as a courtesy. Read more »

                                    IoT/OT/ICS threats: Detecting vulnerable Boa web servers

                                    By Corelight Labs Team – November 30, 2022

                                    Editor's note: This blog post was updated on 12/1/22 to add the "Update 12/1/22" and corresponding paragraph added to the end of the blog post. On Nov. 22, 2022 Microsoft announced research findings about an ongoing supply chain attack against IoT... Read more »

                                    Recent Posts

                                    Rss Square Streamline Icon: https://streamlinehq.com

                                    1080x1080_GartnerReport