November 2, 2021 by Kylie Heintz
San Francisco, Calif., — Nov. 2, 2021 — Corelight, provider of the industry’s leading open network detection and response (NDR) platform, today announced product compatibility with Microsoft Defender for IoT. Corelight is the first Microsoft NDR partner to take advantage of Defender for IoT’s cross-industry integration capabilities. Corelight customers can send data from deployed sensors to Microsoft 365 Defender, and in turn to Defender for IoT to apply its behavioral analytics and machine learning techniques to discover and classify devices and to protect, detect, and respond to IoT attacks.
“The number of unmanaged systems on the Internet is soaring, and this ever-expanding risk surface is already a target. Unfortunately, most defenders lack the information they need about IoT and OT systems in their environment,” said Greg Bell, co-founder and chief strategy officer for Corelight. “Our integration combines best-in-class network evidence from Corelight, with the advanced vulnerability management, threat intelligence and detection and response capabilities of Microsoft Defender for IoT. The result is more efficient incident response, and deeper insight into IoT footprint, behavior, and risk.”
Corelight’s open NDR solution provides full network coverage of on-premise, cloud, and hybrid environments to help security operations teams using Defender for IoT detect and respond to the most challenging attacks. As an open platform, Defender for IoT can use network signal from Corelight sensors for asset discovery, inventory, risk assessment, detection, and mitigation.
“Corelight is leveraging our open platform to share data to further enrich Microsoft Defender for IoT,” said Nir Giller, Microsoft Defender for IoT group manager. “Customers who have deployed Corelight can secure their entire IoT and OT environments with Microsoft 365 Defender and Defender for IoT within minutes while adding more detections based on encrypted traffic analysis and complementing Microsoft’s MITRE ATT&CK coverage.”
Additional benefits from Corelight’s solution include:
Today’s news was announced on the opening day of the Microsoft Ignite 2021 virtual conference. In addition to this news, Corelight CSO Bernard Brantley will be speaking on the “Tackling the biggest cybersecurity challenges in 2022” panel session at 11:30 a.m. Pacific Time today.
The Corelight integration will be available with the public preview of Microsoft Defender for IoT, scheduled for November 30. More information on today’s news can be found on the Corelight blog.
Corelight provides security teams with network evidence so they can protect the world’s most critical organizations and companies. Corelight’s global customers include Fortune 500 companies, major government agencies, and large research universities. Based in San Francisco, Corelight is an open-core security company founded by the creators of Zeek, the widely-used network security technology. For more information, visit www.corelight.com.