TALK TO AN EXPERT
ad-images-nav_0001_SANs thumb

SANS Protects: The Network

DOWNLOAD WHITE PAPER

ad-images-nav_0009_Threat-hunting-guide

Threat hunting guide

GET THE GUIDE

ad-images-nav_0013_IDS

Alerts, meet evidence.

LEARN MORE ABOUT OUR IDS SOLUTION

ad-images-nav_white-paper

5 Ways Corelight Data Helps Investigators Win

READ WHITE PAPER

ad-images-nav_0000_Thinking-like-a-threat-actor

Thinking like a Threat Actor: Hunting the Ghost in the Machine

WATCH THE WEBCAST

ad-images-nav_0006_Blog

Don't trust. Verify with evidence

READ BLOG

ad-nav-NDR-for-dummies

NDR for Dummies

GET THE WHITE PAPER

ad-nav-video

The Power of Open-Source Tools for Network Detection and Response

WATCH THE WEBCAST

ad-nav-ESG

The Evolving Role of NDR

DOWNLOAD THE REPORT

ad-images-nav_0006_Blog

Detecting 5 Current APTs without heavy lifting

READ BLOG

Corelight Achieves 75% Year-over-Year Growth in IDS Subscriptions Fueled by Customer Requirements to Consolidate Legacy Toolsets and Boost Efficiency

Company releases enhanced IDS capabilities, further integrating alerts with rich context 

San Francisco, Calif. — Dec. 8, 2022 — Corelight, the leader in open network detection and response (NDR), announced new software enhancements to its add-on on intrusion detection software (IDS) subscription that will allow teams to consolidate security tools, and increase threat team efficiency by generating alerts integrated with the evidence needed to validate, triage and remediate, and enabling customers to replace legacy IDS solutions. 

Corelight’s unique approach to IDS - driven by its open NDR platform and natively integrated Suricata IDS capability - drove a 75 percent year-over-year growth in annual recurring revenue (ARR) for IDS subscriptions for the company.

“Corelight’s NDR threat detections span machine learning, behavioral models and signatures and we are pleased to see the latter also making significant contributions to our growth as more customers recognize the benefits of switching from standalone IDS to an integrated NDR platform,” said Clint Sand, senior vice president of product at Corelight. “When you generate alerts with the evidence required to validate and tune them you can dramatically reduce noise and let analysts get to the alerts that actually matter.”

Corelight's latest software release is poised to further accelerate this momentum by providing customers with new IDS rule management capabilities and enhanced network visibility around devices, users, apps, and more to help customers close asset visibility gaps and speed investigations via immediate asset context. 

“When an alert fires the real investigative work begins. Analysts need fast, precise answers about what assets were involved or exposed during an incident and Corelight’s new Entity Collection gives them that visibility while also helping them understand asset activity over time,” said Sand. “This can eliminate the need for additional pivots and asset lookups and can also reveal entities missed by traditional asset inventory management systems.”

Corelight’s latest software release includes management and data export upgrades to its Software Sensor, a Corelight NDR deployment option that allows customers to reduce costs by leveraging their existing hardware investments for on premise deployments. Corelight offers a range of sensor form factors that can cover corporate data centers, cloud workloads, and more.

Pricing and availability

The company’s core subscription offering includes new Corelight Entity Collection insights at no additional cost. Corelight’s Suricata IDS capability, including the new rules management features shipped in the latest Corelight software release, are available as an add-on subscription. Customers and prospects can contact sales directly for pricing information. More information can be found on the Corelight website.

About Corelight

Corelight transforms network and cloud activity into evidence that security teams use to proactively hunt for threats, accelerate response to incidents, gain complete network visibility and create powerful analytics. Corelight’s global customers include Fortune 500 companies, major government agencies, and large universities. Based in San Francisco, Corelight is an open-core security company founded by the creators of Zeek®, the most widely-used network monitoring security platform in the world. For more information, visit https://corelight.com or follow @corelight_inc.