CONTACT US
forrester wave report 2023

Close your ransomware case with Open NDR

SEE HOW

Download our free guide to find hidden attackers.

Find hidden attackers with Open NDR

SEE HOW

cloud-network

Corelight announces cloud enrichment for AWS, GCP, and Azure

READ MORE

corelight partner programe guide

Corelight's partner program

VIEW PROGRAM

glossary-icon

10 Considerations for Implementing an XDR Strategy

READ NOW

ad-images-nav_0006_Blog

Don't trust. Verify with evidence

READ BLOG

video

The Power of Open-Source Tools for Network Detection and Response

WATCH THE WEBCAST

ad-nav-ESG

The Evolving Role of NDR

DOWNLOAD THE REPORT

ad-images-nav_0006_Blog

Detecting 5 Current APTs without heavy lifting

READ BLOG

g2-medal-best-support-spring-2024

Network Detection and Response

SUPPORT OVERVIEW

 

Corelight Extends Open NDR Platform with New Software Sensor, Expands Security Visibility and Advanced Event Analysis Across Hybrid, Multi-Cloud Environments

San Francisco, Calif. — Oct. 21, 2020 — Corelight, provider of the industry’s first open network detection and response (NDR) platform, today released new capabilities that provide users with greater network security visibility and the ability to support advanced threat analysis across their entire environment, from physical to cloud. Corelight’s new Software Sensor and Corelight Cloud Sensor for Google Cloud Platform (GCP) deliver comprehensive security insights into network traffic on any platform.

“Organizations today are faced with the challenge of limited visibility across distributed locations, or they have built their network infrastructure in the cloud using Google Cloud or other platform providers,” said Vijit Nair, senior director of product management for Corelight. “With the Corelight Software Sensor and Corelight Cloud Sensor for GCP, customers can now confidently normalize their network visibility across all platforms and truly benefit from Corelight ‘anytime, anywhere.’”

The Corelight Software Sensor is a lightweight standalone application, which can be deployed on any Linux platform, in containers or in the cloud, and is suitable for remote branch offices or low-bandwidth sites. In addition, the Corelight Software Sensor integrates easily with, and provides streaming log support for, Kafka, JSON, Splunk, REDIS, and syslog.

The Corelight Cloud Sensor for GCP brings high-performance Zeek monitoring to the cloud, making it possible to ingest traffic directly from GCP Packet Mirroring for compute or Kubernetes instances, or from third-party agents. In addition, the Corelight Cloud Sensor for AWS is now available for deployment with AWS GovCloud, making it compliant with US government security standards for federal agencies and other government organizations.

Today’s launch also extends Suricata integration across the full portfolio of physical Corelight sensors. Initially made available only on the Corelight AP 3000, Suricata support is now available to customers using the Corelight AP 200 and Corelight AP 1001. This ensures that more organizations will benefit from native Zeek and Suricata integration, resulting in superior combined performance, fused datasets for faster investigations and simplified data export controls.

“We are thrilled to extend Suricata support across the full portfolio of Corelight sensors,” said Sarah Banks, senior director of product management for Corelight. “The combined power of Zeek and Suricata means that security teams can turn discoveries into automated threat detections, saving them time and ensuring identification of real threats in real time.”

Availability

The Corelight Software Sensor and Corelight Cloud Sensor for GCP are now available for purchase. Corelight software version 20 is also now available to customers. A new two-port 10G management NIC will ship on all Corelight AP 1001 and 3000 sensors and is now available as an add-on purchase for existing customers. More information on Corelight's cloud security solutions and each of today’s enhancements can be found in the product section of Corelight’s website.

About Corelight

Corelight gives defenders unparalleled insight into networks to help them protect the world’s most critical organizations and companies. Based in San Francisco, Corelight is an open-core company founded by the creators of Zeek, the widely-used NSM tool. Corelight’s global customers include Fortune 500 companies, major government agencies, and large research universities. Corelight is based in San Francisco, Calif. For more information, visit https://www.corelight.com or follow @corelight_inc.

Recent Posts