forrester wave report 2023

Close your ransomware case with Open NDR



Corelight now powers CrowdStrike solutions and services



Alerts, meet evidence.



5 Ways Corelight Data Helps Investigators Win



10 Considerations for Implementing an XDR Strategy



Don't trust. Verify with evidence



NDR for Dummies



The Power of Open-Source Tools for Network Detection and Response



The Evolving Role of NDR



Detecting 5 Current APTs without heavy lifting



Network Detection and Response



Corelight Raises $9.2 Million in Series A Fundings

SAN FRANCISCO, Calif. — July 18, 2017 — Corelight, provider of the most powerful network visibility solution for cybersecurity, today announced that it has closed a $9.2 million Series A funding round led by Accel Partners, with participation from Osage University Partners and Riverbed Technology Co-founder Dr. Steve McCanne. The funding will be used to accelerate the company’s growth plans to meet the market demand for its products through investments in sales, marketing and engineering.

“We often invest in very widely-used open source projects. But it’s uncommon for them to have much enterprise market traction,” said Eric Wolford of Accel Partners. “And what’s highly unusual for a Series A company like Corelight is to have a shipping product built on battle-hardened open source software and dozens of paying customers including six of the Fortune 100, plus one of the largest private companies in the US. I’ve never seen that before.”

Corelight was founded by Dr. Vern Paxson (a Professor of Computer Science at UC Berkeley and Chief Scientist at Corelight), Robin Sommer (CTO) and Seth Hall (Chief Evangelist) to deliver network visibility solutions for cybersecurity built on an open source framework called Bro. Paxson began developing Bro in 1995 when he was working at the Lawrence Berkeley National Laboratory (LBNL); the name refers to George Orwell’s “Big Brother” as it signals the need for operators of network monitoring to remain mindful of their users’ rights and privacy. Today its powerful, versatile and actionable data is at the center of many of the world’s most capable security operations, including those at Amazon and Deloitte.

“We help our customers solve cybersecurity problems faster than they can today, often decreasing the time to resolve incidents from hours and days down to minutes. This new investment will accelerate our progress,” said Greg Bell, CEO of Corelight. “We’re busy working on a series of new features customers are asking for so they can focus effort away from sensor management and towards higher-value activities like data analysis, threat hunting and incident response.”

Customers describe the Corelight Sensor, Corelight’s first product, as a “flight data recorder” for their network because users can easily go back in time to quickly understand sophisticated cyber attacks more effectively than ever before. The Corelight Sensor is used to investigate and prevent ransomware, denial of service, unauthorized access, misconfiguration, abuse, exfiltration of data, malware infection, insider threat, port scanning, advanced persistent threat (APT) as well as phishing or other mail-based attacks or incidents.

The Corelight Sensor is a turn-key appliance that delivers the power of Bro while greatly reducing deployment time and complexity. It incorporates a host of features only available from Corelight, including a comprehensive API, enterprise integrations for Splunk, Amazon S3 and Kafka; performance optimizations yielding 3-4x higher data processing throughput compared to standard servers, a high performance FPGA-based network interface card (NIC), optimized file extraction and log filtering.

About Corelight
Corelight delivers the most powerful network visibility solutions for information security professionals, helping them understand network traffic and defend their organizations more effectively. Corelight solutions are built on the Zeek framework (formerly known as “Bro”), the powerful and widely-used open source network analysis framework that generates actionable, real-time data for thousands of security teams worldwide. Zeek data has become the ‘gold standard’ for incident response, threat hunting, and forensics in large enterprises and government agencies worldwide. Corelight makes a family of network sensors — both physical and virtual, at every scale — that take the pain out of deploying Zeek by adding integrations and capabilities large organizations need. The Zeek project was initially developed at Lawrence Berkeley National Laboratory (LBNL), and has been supported by the US Department of Energy (DOE), the National Science Foundation (NSF), and the International Computer Science Institute (ICSI). Corelight is based in San Francisco, Calif. For more information, visit or follow @corelight_inc.

About Accel Partners
Accel is a leading early and growth-stage venture capital firm, powering a global community of entrepreneurs. Accel backs entrepreneurs who have what it takes to build a world-class, category-defining business. Founded in 1983, Accel brings more than three decades of experience building and supporting hundreds of companies. Accel’s vision for entrepreneurship and business enables it to identify and invest in the companies that will be responsible for the growth of next-generation industries. Accel-backed companies include Atlassian, Braintree, Cloudera, DJI, Dropbox, Dropcam, Etsy, Facebook, Flipkart, Lookout Security, MoPub, Qualtrics, Slack, Spotify, Supercell, Vox Media and others.

About Osage University Partners
Osage University Partners is a venture capital firm focused on investing in startups that are commercializing pioneering university technologies. Osage partners with top research universities to invest in their most innovative startups, and Osage shares its investment profit with its partner institutions. The firm invests in software, hardware and life science companies at all stages of company development. Osage has partnered with 90 universities, including 36 of the top 50 U.S. institutions by research expenditures, and has invested in over 70 of their spinouts. Osage University Partners is part of a family of investment funds within Osage Partners, which is based in Philadelphia, PA and manages in excess of $500 million.

About Dr. Steve McCanne
Dr. Steve McCanne was the founder and CTO at Riverbed Technology, and prior to that the CTO of Inktomi (acquired by Yahoo). He has a PhD in Computer Science from UC Berkeley, worked as a Staff Scientist at LBNL and was an Assistant Professor of Computer Science at UC Berkeley. In the 1990s, he worked at LBNL where he shared an office with Dr. Vern Paxson, a co-founder of Corelight. While a researcher at UC Berkeley and LBNL, he co-developed, along with Van Jacobson and Craig Leres, the widely used tools tcpdump and PCAP which are still instrumental for network visibility today. At around the same time, Paxson was developing Bro, the foundational technology behind Corelight.

Recent Posts