CORELIGHT + MICROSOFT
SUPERCHARGE SENTINEL AND DEFENDER WITH POWERFUL NETWORK EVIDENCE
Corelight transforms network traffic into comprehensive, protocol-rich evidence that Microsoft Defender and Sentinel analysts can use to optimize their threat detection and response capabilities. By correlating metadata from over 50 protocol logs, Corelight gives SOC teams a clear picture of all network activity across their organization, including all IT, IoT, and ICS networks, so they can find and respond to threats quickly and easily.
Integration benefits:
- Complete network visibility across hybrid environments, including IT, IoT, and ICS
- One network telemetry source for Sentinel, Defender for IoT, and 365 Defender
- Advanced telemetry and analytics to support XDR and Zero Trust initiatives
- Faster investigations, better detections, and less alert fatigue
MICROSOFT SENTINEL
Along with native data integration, the Corelight App for Microsoft Sentinel includes pre-defined workbooks (dashboards), sample queries, and analytics rules that make SOC teams more efficient and effective.
MICROSOFT DEFENDER FOR IOT
Corelight network telemetry and analytics integrate with Defender for IoT to provide a holistic view of your IoT and ICS environments, including automatic device inventory.
CLOUD SENSOR FOR AZURE
By transforming cloud traffic into comprehensive evidence and actionable insights, Corelight Cloud Sensor for Azure enables you to quickly detect and respond to threats that target your cloud workloads.
Have questions?
Talk with one of our experts today.
