Read the Gartner® Competitive Landscape: Network Detection and Response Report
Read the Gartner® Competitive Landscape: Network Detection and Response Report
START HERE
WHY CORELIGHT
SOLUTIONS
CORELIGHT LABS
Close your ransomware case with Open NDR
OVERVIEW
PRODUCTS
SERVICES
ALLIANCES
USE CASES
Find hidden attackers with Open NDR
Corelight announces cloud enrichment for AWS, GCP, and Azure
Corelight's partner program
10 Considerations for Implementing an XDR Strategy
February 20, 2018 by Kylie Heintz
SAN FRANCISCO, Calif. — Feb. 21, 2018 — Corelight, provider of the most powerful network visibility solution for cybersecurity, today announced product integration with Elasticsearch, the world’s most popular distributed and real time search engine. Now organizations can import Corelight network logs directly to Elasticsearch, which makes the Elastic Stack a much more powerful platform for incident response and cyber threat hunting. Corelight will showcase the Elasticsearch integration at Elastic{ON} in booth B2 and during a presentation at the conference’s Spotlight Theater at10:00 a.m. PT on Wednesday, February 28.
“As a network traffic analysis solution, Corelight is focused on turning high-volume network traffic into high-fidelity data for incident response, intrusion detection, and forensics,” said Vince Stoffer, Director of Customer Solutions at Corelight. “Making it easy for companies adopting Elasticsearch to ingest Bro logs is really important. Whether they ingest data into Elasticsearch directly, or into Logstash, the depth and granularity that Bro provides about network traffic can be a real game changer for cybersecurity forensics.”
The integration is part of Corelight’s latest software release, version 1.13 and delivers native integration with the Elasticsearch API, offering a streamlined Corelight log export option that gives customers the choice to export directly to Elasticsearch or into Logstash.
This follows last month’s news that Corelight reported strong growth in 2017 with 10 of the Fortune 200 as customers and was included as a Vendor to Watch in Gartner’s January 2018 Magic Quadrant for Intrusion Detection and Prevention.
About Corelight
Corelight delivers the most powerful network visibility solutions for information security professionals, helping them understand network traffic and defend their organizations more effectively. Corelight solutions are built on the Zeek framework (formerly known as “Bro”), the powerful and widely-used open source network analysis framework that generates actionable, real-time data for thousands of security teams worldwide. Zeek data has become the ‘gold standard’ for incident response, threat hunting, and forensics in large enterprises and government agencies worldwide. Corelight makes a family of network sensors — both physical and virtual, at every scale — that take the pain out of deploying Zeek by adding integrations and capabilities large organizations need. The Zeek project was initially developed at Lawrence Berkeley National Laboratory (LBNL), and has been supported by the US Department of Energy (DOE), the National Science Foundation (NSF), and the International Computer Science Institute (ICSI). Corelight is based in San Francisco, Calif. For more information, visit Corelight.com or follow @corelight_inc.