Dubai, Middle East – Jan. 13, 2025 — Corelight, the leading network detection and response (NDR) company, which in its latest fiscal year ended Jan. 31, 2024 posted 40% year-on-year revenue growth, today announces the availability of its Investigator SaaS NDR platform on the AWS Middle East (me-central-1) region. Security Operations Center (SOC) teams in the Middle East can take advantage of NDR powered by advanced AI providing real-time visibility, advanced detections, and response, in combination with the inherent security of AWS Cloud, the world’s most secure global cloud infrastructure. By hosting the platform on AWS Middle East, Corelight enables organizations to benefit from local data sovereignty and reduced operational costs while increasing NDR performance and scalability.
Corelight has seen strong customer demand for its Open NDR Platform, driven by its features combining alerts with network evidence across hybrid and multi-cloud environments. Corelight’s most recent cloud sensor product releases now include detections for data exfiltration and command and control traffic for the cloud, enriching network analytics with cloud service information, and enhanced visibility for encrypted traffic, which accounts for the majority of cloud traffic today.
Corelight’s on-premise and cloud sensors allow customers to
- Extend visibility with uniform telemetry across hybrid environments
- Identify stealthy cloud attacks masquerading as legitimate traffic with custom detections
- Accelerate incident response with rich evidence
- Provide an additional layer of security and monitoring on top of the secure AWS Cloud
"At Corelight, we are dedicated to proactively assisting our clients stay at the forefront of cloud security," said Vijit Nair, VP of product management at Corelight. “As organizations around the world face acute cybersecurity workforce shortages and skill gaps, our technology holds real potential to help security teams meaningfully address these challenges through workflow acceleration. Corelight’s SaaS capabilities have the potential to be a force multiplier for resource constrained SOCs and quickly uplevel analysts by generating clear and direct alert explanations and investigative guidance."
The company recently released a new set of capabilities called Guided Triage in its SaaS solution, Corelight Investigator. Guided Triage utilizes artificial intelligence (AI) to deliver fast, expert-level data insights in plain language, which expedites triage, reduces SIEM ingest requirements and associated costs, and bridges analyst skill gaps. According to a 2023 report by Enterprise Strategy Group (ESG), 62% of security operations center (SOC) teams are seeking cost-effective solutions due to the escalating expenses related to storing and managing large volumes of log data within SIEM systems. In addition, the increasing complexity and volume of cyber threats are pushing SOC teams to leverage AI to ensure that security analysts at all levels can better understand both the severity and priority of alerts using plain language for faster decision-making. Corelight applies industry-first large language models (LLMs) to summarize network activity and attack payloads, and innovative packet capture and single-screen triage technology to both reduce costs, and significantly accelerate incident response.
Corelight also recently released static file analysis capabilities powered by the integration of YARA, an open-source tool used to scan files and data streams for patterns associated with malware. With YARA rules now available in Corelight sensors, security teams are able to add static file analysis as a critical element of their network monitoring capabilities. Integrating YARA rules into Corelight Open NDR increases the overall efficiency of the security operations center (SOC) by eliminating the need for manual processes or additional tools to extract and analyze files, detect malware, and create an alert when malware is detected.
To learn more about Corelight’s Open NDR Platform & Investigator, please visit: https://go.corelight.com/ai-powered-ndr-saas-platform-aws
About Corelight
Corelight transforms network and cloud activity into evidence that security teams use to proactively hunt for threats, accelerate response to incidents, gain complete network visibility and create powerful analytics. Corelight’s global customers include Fortune 500 companies, major government agencies, and large universities. Based in San Francisco, Corelight is an open-core security company founded by the creators of Zeek®, the widely-used network security technology. For more information, visit https://corelight.com or follow @corelight_inc.
