Cloud Sensors

Cloud Sensors hero banner

Available for AWS, Microsoft Azure, and Google Cloud Platform, our Cloud Sensors pacakage enterprise Zeek at speeds up to 8 Gbps.

Available for AWS, Microsoft Azure, and Google Cloud Platform, our Cloud Sensors package enterprise Zeek at speeds up to 8 Gbps.

Cloud Sensors hero banner
Cloud Sensor Cloud Sensor for AWS
  • Deploys in AWS and AWS GovCloud (US)
  • Ingests traffic via native traffic mirrors or agent-based solutions
  • Rapid deployment
Download specifications
Expander icon
Cloud Sensor Cloud Sensor for Azure
  • Deploys in Azure
  • Ingests traffic via agent-based solutions
  • Rapid deployment
Download specifications
Expander icon
Cloud Sensor Cloud Sensor for GCP
  • Deploys GCP
  • Ingests traffic via native traffic mirrors or agent-based solutions
  • Rapid deployment
Download specifications
Expander icon

Ready to get started?
We're here to help:

Sales Representative - Drew Sales Representative - Burton Sales Representative - Attila

Next-level results from your SIEM

Your SIEM success depends on the data you feed it. Stop sending Netflow and other low quality, “side-effect” network logs to your SIEM and replace them with Corelight’s rich, protocol-comprehensive logs that accelerate incident response and threat hunting workflows in your SIEM. Export Corelight’s Zeek logs to Splunk, Elastic, QRadar, Spark or just about any data tool of your choice in a matter of minutes.

splunkkafkajsonelastic
splunkkafkajsonelastic
Raise your SIEM’s upside

The security stack, elevated

  • Transform raw packets into security "ground truth"
  • Better network data = better security analytics
  • A flexible technology stack for all environments
Corelight Modern Security Stack

Recent release features

Find Lateral Movement with MITRE BZAR

Corelight Sensors now ship with the MITRE BZAR package in the Core Collection, which detects lateral movement techniques in MITRE ATT&CK related to SMB and DCE-RPC traffic, such as indicators targeting Windows Admin Shares and Remote File Copy. It can also extract detection-related files to enable investigations of suspicious traffic.

Pivot to Suricata and PCAP with Community ID

Community ID is an industry flow-identification standard that creates a common hash of the 5-tuple and appends it to Corelight’s conn.log so analysts can quickly pivot on a connection in Corelight to and from equivalent flows in tools such as Suricata, Elastic, Moloch and more.

We use cookies on this site to provide you with a more personalized experience. Our Cookie Policy.

The Z and Design mark and the ZEEK mark are trademarks and/or registered trademarks of the International Computer Science Institute in the United States and certain other countries. The Licensed Marks are being used pursuant to a license agreement with the Institute.

© 2021 Corelight, Inc. All rights reserved.