Technology partners

Corelight works with leading technology and service partners. Make your favorite tools work better. Corelight delivers a telemetry boost for more powerful triage and analysis. We easily integrate with popular SIEMs, XDR solutions, data lakes, and other industry-leading SOC tools.

Featured Corelight partners

AWS

The Corelight Cloud Sensor transforms VPC traffic into rich logs, extracted files, and custom insights that accelerate incident response. AWS customers can also send Corelight evidence directly into S3 for storage and analysis.

CrowdStrike

Increase detection coverage, accelerate response, and expand visibility across your network with Corelight and CrowdStrike. Corelight’s Open NDR Platform delivers evidence, insights, and indicators to the AI-native CrowdStrike Falcon® platform to find and disrupt adversaries.

Elastic

Corelight’s rich network evidence improves detection coverage, accelerates incident response, and amplifies your Elastic investment. Our Open NDR Platform integrates seamlessly into Elastic Security environments to deliver normalized network data for fast analysis, visualization, and correlation.

Google Cloud

Corelight’s Open NDR Platform has been instrumental in helping Google Cloud customers enhance the visibility of potential threats, accelerate investigations, and understand the interrelated details of even the most sophisticated attacks directly and through Mandiant Managed Defense.

Microsoft

Along with native integration with Microsoft Sentinel, the Corelight App for Sentinel also includes pre-defined workbooks, custom dashboards, sample queries, and analytics rules to help SOC teams accelerate investigations, incident response, and threat hunting, strengthening Microsoft’s XDR and Zero Trust solutions.

Splunk

Corelight data integrates seamlessly into Splunk Enterprise and Splunk Enterprise Security (ES) environments by automatically populating fields in common Splunk data models. The Corelight App for Splunk accelerates deployment for new Splunk users with clear insights into all network activity.

Our partners

Active CounterMeasures

Because of the efficiency of the Corelight logs, AI-Hunter can continually hunt through the previous 24 hours' worth of network data. This permits AI-Hunter to be far more accurate in identifying C2 communications than competing solutions.

AlphaSOC

The AlphaSOC Analytics Engine (AE) performs fast multi-dimensional processing of network telemetry to identify anomalies and highlight compromised hosts.

Apcon

APCON products monitor, filter, and streamline data 24 x 7 x 365 to optimize traffic for maximum network performance and security.

Analyst1

Analyst1 is an orchestrated threat intelligence platform that enables security teams to operationalize intelligence across their existing security ecosystem.

Arista

Arista’s cloud network solutions deliver availability, agility, automation, analytics and security through an advanced network operating stack.

Axellio

Axellio’s innovative network intelligence platform PacketXpress® provides a high-speed, application-agnostic, open platform for packet capture, storage, analysis, and distribution in an extremely small footprint.

cPacket

cPacket builds ultra-high performance packet brokers based on custom hardware for the most demanding environments.

Cribl

The combination of Corelight and Cribl allows organizations to optimize their security data, control costs by filtering and reducing data volumes, and improve the overall efficiency of their security operations by ensuring that high-fidelity data is available for analysis and response.

Devo

Devo replaces traditional SIEMs with a real-time security data platform that includes SIEM, SOAR, and UEBA, as well as AI and intelligent automation that help your SOC work faster and smarter.

Endace

Endace Probes record 100% accurate Network History to solve Cybersecurity, Network and Application issues. Bring clarity to every incident, alert or issue with an open packet capture platform that integrates with all your commercial, open source or custom-built tools.

Exabeam

The Exabeam Security Operations Platform includes cloud-scale security log management and SIEM, powerful behavioral analytics, and automated threat detection, investigation and response (TDIR).

Garland

Garland Technology is an industry leader delivering network products and solutions for enterprise, service providers, and government agencies worldwide. Since 2011, Garland Technology has developed the industry’s most reliable test access points (TAPs), enabling data centers to address IT challenges and gain complete network visibility.

Gigamon

Gigamon offers a deep observability pipeline that efficiently delivers network-derived intelligence to cloud, security, and observability tools. This helps eliminate security blind spots and reduce tool costs, enabling you to better secure and manage your hybrid cloud infrastructure.

Keysight

Keysight provides testing, visibility, and security solutions, strengthening applications across physical and virtual networks for enterprises, service providers, and network equipment manufacturers.

Mira

Mira’s advanced TLS/SSL decryption technology significantly enhances the capabilities of Corelight’s Open NDR Platform by empowering users to gain full insights into encrypted traffic by decrypting the flows of TLS/SSL and SSH traffic, bolstering visibility and control.

Netskope

Corelight's integration with Netskope enhances security visibility and threat detection by integrating Corelight's advanced network insights with Netskope's Cloud TAP.

Niagara

Niagara Networks is a Silicon Valley-based company that provides high-performance, high-reliability network visibility and traffic delivery solutions for the world’s most demanding service provider and enterprise environments.

Nutanix

Corelight's Nutanix Ready Core certification ensures seamless integration with Nutanix environments, enhancing security and operational efficiency for organizations leveraging hybrid and multi-cloud infrastructures.

Palo Alto Networks

Corelight integrates with Palo Alto Networks to enhance response capabilities by enabling firewall blocking of malicious threats. This integration streamlines incident response, reducing the time between detection and remediation.

Reversing Labs

Reversing Labs' RL Spectra Core powers the software supply chain and file security insights, tracking over 40 billion searchable files daily with the ability to deconstruct full software binaries in seconds to minutes.

Secureworks

Secureworks Taegis ManagedXDR provides superior detection and unmatched response through an open, powerful platform with high-value security expertise and 24/7/365 protection.

Securonix

Securonix delivers a next generation security analytics and operations management platform for the modern era of big data and advanced cyber threats.

SentinelOne

SentinelOne is a leading AI-powered cybersecurity platform. SentinelOne empowers the world to run securely by creating intelligent, data-driven systems that think for themselves, stay ahead of risk, and evolve. Fortune 10, Fortune 500, and global companies trust SentinelOne to secure tomorrow.

ServiceNow

Analysts using Corelight's Open NDR platform can send specified detections to ServiceNow, enabling efficient case management for in-depth analysis.

SOC Prime

Powered by Sigma language and MITRE ATT&CK®, SOC Prime's Detection as Code platform enables intelligence-driven threat detection and hunting capabilities, cost-efficient threat investigation, and direct access to detection content for critical threats in <24 hours.

Stellar Cyber

Stellar Cyber’s Open XDR platform delivers comprehensive, unified security without complexity to help reduce risk with early and precise identification and remediation of threats while slashing costs, retaining investments in existing tools, and improving analyst productivity, delivering a 20X improvement in MTTD and an 8X improvement in MTTR.

Sumo Logic

Sumo Logic SaaS Log Analytics Platform unifies and analyzes enterprise data, translating it into actionable insights through one AI-powered cloud-native log analytics platform.

Tenable

Tenable is the Exposure Management company. As the creator of Nessus, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform.

ThreatQ

ThreatQ is the first purpose-built, data-driven threat intelligence platform that helps teams prioritize, automate and collaborate on security incidents; enables more focused decision making; and maximizes limited resources by integrating existing processes and technologies into a unified workspace.

Vijilan

Founded in 2014, Vijilan Security provides Managed Extended Detection & Response (mXDR) services. Combining its next-gen SIEM based on CrowdStrike® LogScale with its VISH platform, Vijilan offers cybersecurity solutions, including SOC outsourcing, for businesses, MSPs, and MSSPs.

Interested in working with Corelight?

Close the case on ransomware

In high-stakes ransomware investigations, many security teams are unable to answer key questions and default to worst-case assumptions. With complete visibility from Corelight, teams can avoid costly overreactions. One customer, when confronted with a $10 million ransomware demand, used Corelight to prove the exfiltrated data being held for ransom had no real value while providing legal air cover for refusing to pay the ransom.
