Read the Gartner® Competitive Landscape: Network Detection and Response Report

GET THE REPORT >

Read the Gartner® Competitive Landscape: Network Detection and Response Report

GET THE REPORT >
CONTACT US
CONTACT US

START HERE

Why Open NDR

 

WHY CORELIGHT

Evidence-based security

Detections & analytics

Faster investigation

Complete visibility

    SOLUTIONS

    Cloud security

    Encrypted traffic

    Federal

    Ransomware

    Threat hunting

     

    CORELIGHT LABS

    Recent research

    Mission and team

    Polaris program

      STRATEGIC PARTNERS

      Overview

      Crowdstrike

      Google Cloud

      Microsoft

      Splunk

      Elastic
        forrester wave report 2023

        Close your ransomware case with Open NDR

        SEE HOW

        OVERVIEW

        Open NDR Platform

        Analytics & detections

        MITRE ATT&CK®

         

        PLATFORM CAPABILITIES

        Triage with Investigator

        Network Monitoring with Zeek®

        Intrusion Detection with Suricata®

        Static File Analysis with YARA

        Forensics with Smart PCAP

          SENSORS

          Appliances

          Cloud

          Software

          Virtual

          Fleet Manager

          View all products

            SERVICES

            Training

             

            ALLIANCES

            CrowdStrike

            Google Cloud

            Microsoft

            Splunk

            Elastic

            View all

             

            USE CASES

            Case Studies

            View all
              Download our free guide to find hidden attackers.

              Find hidden attackers with Open NDR

              SEE HOW

              TECHNOLOGY INTEGRATIONS

              Partner ecosystem

              Technology partners directory

               

                FOR PARTNERS

                Deal registration

                Become a Channel Partner

                Partner Academy sign up

                Alliance Academy sign up
                  cloud-network

                  Corelight announces cloud enrichment for AWS, GCP, and Azure

                  READ MORE

                  corelight partner programe guide

                  Corelight's partner program

                  VIEW PROGRAM

                  BLOG

                  Read the latest

                   

                  EVENTS

                  Meet with us

                   

                  RESOURCE CENTER

                  Document Library

                    GLOSSARY

                    NDR (Network Detection & Response)

                    NDR vs. XDR vs. EDR

                    Cloud Security Solutions

                    Intrusion Detection System (IDS)

                    Packet Capture (PCAP)

                    Signature-Based Detection

                    IDS False Positive
                        glossary-icon

                        10 Considerations for Implementing an XDR Strategy

                        READ NOW

                        ad-images-nav_0006_Blog

                        Don't trust. Verify with evidence

                        READ BLOG

                        ABOUT US

                        About Corelight

                        Leadership

                        Investors

                          JOIN US

                          Careers

                          Current openings

                            NEWS & EVENTS

                            Newsroom

                            Media coverage

                            Events
                              video

                              The Power of Open-Source Tools for Network Detection and Response

                              WATCH THE WEBCAST

                              ad-nav-ESG

                              The Evolving Role of NDR

                              DOWNLOAD THE REPORT

                              SUPPORT SERVICES

                              Open a ticket

                              Account login

                              Technical bulletins

                              Report a security vulnerability

                                WORLD-CLASS SUPPORT

                                Support overview
                                    ad-images-nav_0006_Blog

                                    Detecting 5 Current APTs without heavy lifting

                                    READ BLOG

                                    g2-medal-best-support-spring-2024

                                    Network Detection and Response

                                    SUPPORT OVERVIEW

                                     

                                    Corelight Bright Ideas Blog

                                    Network Security

                                    What makes evidence uniquely valuable?

                                    By Gregory Bell – May 18, 2022

                                    Editor's note: This is the third in a series of Corelight blog posts focusing on evidence-based security strategy. Catch up on all of the posts here. American novelist F. Scott Fitzgerald famously wrote that “the test of a first-rate intelligence is... Read more »

                                    Another day, another DCE/RPC RCE

                                    By Corelight Labs Team – May 17, 2022

                                    CVE-2022-26809 was patched in Microsoft’s previous Patch Tuesday (April 12) and it’s a doozy: remote code execution on affected versions of DCE/RPC hosts. The vulnerability attracted a lot of attention in the security community, both because of its... Read more »

                                    Monitoring AWS networks at scale

                                    By Vijit Nair – May 12, 2022

                                    Corelight is pleased to announce our integration with AWS’s Traffic Mirroring to Gateway Load Balancer (GWLB) Endpoint as a Target. This integration simplifies the monitoring of network traffic and generating Corelight data in massively scaled-out... Read more »

                                    Spotting Log4j traffic in Kubernetes environments

                                    By Stan Kiefer – May 10, 2022

                                    Editor’s note: This is the latest in a series of posts we have planned over the next several weeks where we explore topics such as network monitoring in Kubernetes, using sidecars to sniff and tunnel traffic, show a real-world example of detecting... Read more »

                                    Network evidence for defensible disclosure

                                    By Richard Bejtlich – May 5, 2022

                                    Editor's note: This is the second in a series of Corelight blog posts focusing on evidence-based security strategy. Catch up on all of the posts here. Read more »

                                    Sidecars for network monitoring

                                    By Al Smith – April 21, 2022

                                    Editor’s note: This is the second in a series of posts we have planned over the next several weeks where we explore topics such as network monitoring in Kubernetes, using sidecars to sniff and tunnel traffic, show a real-world example of detecting... Read more »

                                    Deeper visibility into Kubernetes environments with network monitoring

                                    By Vijit Nair – April 12, 2022

                                    Editor’s note: This is the first in a series of posts we have planned over the next several weeks. We will explore topics such as network monitoring in Kubernetes, using sidecars to sniff and tunnel traffic, show a real-world example of detecting... Read more »

                                    Don’t trust. Verify with evidence.

                                    By Brian Dye – April 7, 2022

                                    Editor's note: This is the first in a series of Corelight blog posts focusing on evidence-based security strategy. Catch up on all of the posts here. What matters most in a criminal trial? Evidence. Everything depends on the quality and depth of... Read more »

                                    VPNs are increasingly common - how much can you see?

                                    By Vince Stoffer – March 24, 2022

                                    New VPN Insights package shines the light on a growing blindspot VPN tunnels are like shipping containers in that they are widely used (especially as the pandemic has moved more of the workforce to remote work), and they can be used to carry traffic... Read more »

                                    Know your environment: Tenable/Corelight integration for prioritized IDS alerts

                                    By Alex Kirk – March 10, 2022

                                    One of the major causes of alert fatigue for SOCs is a class of alerts that fall in between false positives and useful detections: when an actual attack has been launched, and the detection is working correctly, but the host on the receiving end is... Read more »

                                    Recent Posts

                                    Rss Square Streamline Icon: https://streamlinehq.com

                                    1080x1080_GartnerReport