Evidence at the heart of security
Our story starts more than 25 years ago with our co-founder Dr. Vern Paxson, who was working at the Lawrence Berkeley National Laboratory at the time. Vern needed to better understand what was happening on the Lab’s networks, so he created an open source project, now called Zeek®, to provide detailed information about network activity. The project found a few enthused fans at various universities and research labs, and slowly grew in capabilities. Co-founder Dr. Robin Sommer joined the project, now based out of the International Computer Science Institute in Berkeley, in 2001, and co-founder Seth Hall (an incident responder at The Ohio State University, and the project’s most enthusiastic customer) began contributing in 2007.
Under Robin’s leadership, over a number of years the project received extensive financial support (about $8M) from the US National Science Foundation, which was instrumental to turning a powerful-but-boutique system into an industrial-strength platform. NSF viewed the project as hugely successful, and included it as one of eight Highlights across all NSF efforts in their 2017 Congressional Budget Request. The US Department of Energy also provided financial support during this period.
By 2013, the platform’s ability to provide evidence in the form of data logs from the network had become the gold standard for understanding network activity. To support the Zeek project, Vern, Robin & Seth founded a company—now named Corelight—with a business model of providing services to make it easier for companies to leverage Zeek. By 2015 it became clear that people needed more than a service—rather, a fully integrated system that truly leveraged the design pattern built by the sophisticated defenders in the Zeek community.
Achieving this re-envisioning of the company would require finding just the right teammate with the right technology background, someone who’d also play a vital role in helping create a culture that people would love to be part of. To this end, they tapped co-Founder Dr. Greg Bell, who at the Lawrence Berkeley National Laboratory led the Department of Energy’s world-wide ESnet network. The company was incorporated in 2016 and the Corelight Sensor was born. Company values were articulated, hiring ramped up at an exponential pace, customer adoption accelerated, and in 2017 the company secured a $9.2M A round from Accel Partners. Today we are a fast-growing Series-D company with a diverse, geographically distributed team connected by our strong culture and our mission to help customers stay ahead of ever-changing cyber attacks.
Today, Zeek is the world’s leading platform for Network Security Monitoring, and Corelight continues to be its steward. Our offerings now include rich insights not only from Zeek, but also Suricata. We’ve created our own proprietary technologies for VPN, encrypted collections, packet capture and more. Our sensors now address virtual, software, cloud and physical environments. And we’ve added machine-learning and intuitive scalable search to the mix. We serve large enterprises and government agencies in more than fifteen countries.
Our customers love us because we help them translate network and cloud activity into evidence that they can use to proactively hunt for threats, quickly investigate cyber incidents, gain visibility into their networks, and leverage analytics powered by machine learning.
By making evidence the heart of security, we help customers stay ahead of ever-changing cyber attacks. We look forward to welcoming new employees to our community to help us deliver on our mission.