Mandiant Alliance | Corelight

ACCELERATE THREAT VISIBILITY, DETECTION, & RESPONSE

By correlating and analyzing over 50 network protocols, Corelight transforms network traffic into comprehensive, protocol-rich evidence that can help cybersecurity analysts quickly find and eliminate threats across their environment. Corelight’s Open NDR Platform has been instrumental in helping Mandiant customers enhance the visibility of potential threats, accelerate investigations, and understand the interrelated details of even the most sophisticated attacks.

Benefits:

Enjoy peace of mind with validation from Mandiant Incident Response and Managed Defense teams
Streamline workflows with native integration into Google Chronicle, Breach Analytics, Mandiant Threat Intelligence, Packet Mirroring, and VirusTotal
Combine rich, comprehensive network evidence with massive scalability and lightning-fast search from Chronicle
Elevate your security posture by extending advanced threat detection coverage to hybrid and multi-cloud environments

THREAT INTELLIGENCE

Corelight Sensors ingest Mandiant Threat Intelligence to provide enrichment of Zeek logs and correlation with Suricata alerts for optimal detection and response.

GOOGLE CHRONICLE

Rich Corelight telemetry is ingested and automatically parsed into Chronicle to help organizations maintain a strong security posture with a cloud-native, petabyte-scale SIEM platform.

BREACH ANALYTICS

Enriched Corelight logs, contextual alerts, and network security analytics power Chronicle’s breach analytics to accelerate investigations and threat hunting.

VIRUSTOTAL

Corelight integration enables SOC teams to easily identify and submit suspicious files for malware analysis with Google VirusTotal with a single click within Chronicle.

Open NDR for Google Cloud security environments

As a strategic Google Cloud security partner, Corelight’s Open NDR Platform integrates across the Google Cloud Security Operations Suite to deliver a superior level of attack visibility, response, and threat hunting capabilities. Organizations can use Mandiant Threat Intelligence to enrich Corelight high-fidelity logs and prioritize Suricata alerts that can be consumed into Chronicle and analyzed by its Breach Analytics module for faster, more effective investigations.

With Corelight’s insightful network evidence powering Chronicle SOAR playbooks, your overextended team can maintain a stronger security posture with more certainty and less effort. And with the ability for Corelight to identify suspicious files and trigger malware analysis through Google VirusTotal gives Chronicle customers and Mandiant consultants the ease and insight to detect and respond to threats faster and easier than ever.

By combining Corelight’s rich network evidence and analytics with the speed, scale, and intelligence of the Google SecOps Suite, security teams have an ideal solution to defend the enterprise more effectively, reduce alert backlogs, and accelerate investigations.

CORELIGHT + MANDIANT

ACCELERATE THREAT VISIBILITY, DETECTION, & RESPONSE

THREAT INTELLIGENCE

GOOGLE CHRONICLE

BREACH ANALYTICS

VIRUSTOTAL

Open NDR for Google Cloud security environments

Corelight’s integration across our Chronicle SecOps suite helps our customers maximize the value from our mission- focused organizations, with the incorporation of streamlined detections and solutions that are budget friendly for organizations of all sizes.

Have questions?

Sign up for our newsletter

Locations

1 (888) 547-9497

We're hiring!