December 8, 2022 by Kylie Heintz
Company releases enhanced IDS capabilities, further integrating alerts with rich context
San Francisco, Calif. — Dec. 8, 2022 — Corelight, the leader in open network detection and response (NDR), announced new software enhancements to its add-on intrusion detection software (IDS) subscription that will allow teams to consolidate security tools and increase threat team efficiency by generating alerts integrated with the evidence needed to validate, triage and remediate, enabling customers to replace legacy IDS solutions.
Corelight’s unique approach to IDS - driven by its open NDR platform and natively integrated Suricata IDS capability - drove a 75 percent year-over-year growth in annual recurring revenue (ARR) for IDS subscriptions for the company.
“Corelight’s NDR threat detections span machine learning, behavioral models and signatures and we are pleased to see the latter also making significant contributions to our growth as more customers recognize the benefits of switching from standalone IDS to an integrated NDR platform,” said Clint Sand, senior vice president of product at Corelight. “When you generate alerts with the evidence required to validate and tune them you can dramatically reduce noise and let analysts get to the alerts that actually matter.”
Corelight's latest software release is poised to further accelerate this momentum by providing customers with new IDS rule management capabilities and enhanced network visibility around devices, users, apps, and more to help customers close asset visibility gaps and speed investigations via immediate asset context.
“When an alert fires the real investigative work begins. Analysts need fast, precise answers about what assets were involved or exposed during an incident and Corelight’s new Entity Collection gives them that visibility while also helping them understand asset activity over time,” said Sand. “This can eliminate the need for additional pivots and asset lookups and can also reveal entities missed by traditional asset inventory management systems.”
Corelight’s latest software release includes management and data export upgrades to its Software Sensor, a Corelight NDR deployment option that allows customers to reduce costs by leveraging their existing hardware investments for on-premises deployments. Corelight offers a range of sensor form factors that can cover corporate data centers, cloud workloads, and more.
Pricing and availability
The company’s core subscription offering includes new Corelight Entity Collection insights at no additional cost. Corelight’s Suricata IDS capability, including the new rules management features shipped in the latest Corelight software release, is available as an add-on subscription. Customers and prospects can contact sales directly for pricing information. More information can be found on the Corelight website.
Corelight transforms network and cloud activity into evidence that security teams use to proactively hunt for threats, accelerate response to incidents, gain complete network visibility and create powerful analytics. Corelight’s global customers include Fortune 500 companies, major government agencies, and large universities. Based in San Francisco, Corelight is an open-core security company founded by the creators of Zeek®, the most widely-used network monitoring security platform in the world. For more information, visit https://corelight.com or follow @corelight_inc.