You don't need more alerts, most of them crying wolf and wasting your time. And you don’t need packet upon packet dumped on you indiscriminately. What you need is a unifying foundation that gives you the right amount of data at the right time, organized into highly actionable logs. We needed it too. That’s why we founded Corelight.
We love open-source Bro, just like you. But when it comes to production deployment, usually the incident responders or threat hunters who know Bro become the sys admins too, and that poses a risk to your company. Read more in Seth's blog post.
When you deploy a Corelight Sensor, you're getting the expertise of Bro's creators packaged into a high performance appliance. You and your team can spend your time defending your network, not keeping Bro patched, upgraded, integrated and running.
Since we started developing the first Corelight Sensor in 2016, we thought about security, from the operating system on up. Every Bro feature we enable in the Sensor gets thorough design consideration from the creators of Bro, so you can be sure your deployment is as secure as possible.
Bro was created in 1995 by Corelight's chief scientist, Vern Paxson. Since then Bro's co-founders and their colleagues have been improving Bro, culminating in the development of the Corelight Sensor. When you buy one, you're buying decades of person-years of Bro expertise born from hundreds of real-world production deployments.
Most Bro users start with open-source. We get it (we built it!). But at some point you may be wondering whether it’s time for an enterprise solution. Here are the key differences.