Network data for humans.

You don't need more alerts, most of them crying wolf and wasting your time. And you don’t need packet upon packet dumped on you indiscriminately. What you need is a unifying foundation that gives you the right amount of data at the right time, organized into highly actionable logs. We needed it too. That’s why we founded Corelight.


Corelight Sensors

  • Physical
  • Virtual

As easy to use as it is powerful.

Take a peek at Corelight in action.

Case Study

Incident response up to 20x faster.

Education First is a global firm with 40,000 employees. After deploying Corelight Sensors, their security team saw incredible impact. The team needed a visibility and monitoring solution to provide real-time, actionable insight into network traffic spanning multiple business sites that each averaged approximately 1 Gbps of throughput.

Download the case study.

Corelight is the foundation for a modern security stack.

  • Network data as "ground truth" for security
  • Data-driven first, detection-driven second
  • High flexibility and easy repeatability

Corelight helps resolve security incidents faster. Find out how.

White Paper

An alert has fired. Now what?

Learn how Bro helps incident responders from resolve threats quickly from the moment they get a new alert.

Download the white paper.

Got a SIEM? Make it better with Bro.

Bro is not another pane of glass or analytic stack. Instead it makes the stack you already have better. Whether you use Splunk, Elastic Stack, ArcSight, QRadar, Spark or just about anything else, ingesting Bro logs will give your threat hunters and incident responders more to work with.


Recent release features

New web-based user interface

Corelight Sensors can now be configured and managed via a beautiful, intuitive Corelight web app that makes sensor configuration a snap and greatly improves the accessibilty of key features like log filtering.

Support for the Bro Intel Framework

Corelight customers can now import their favorite intel feeds for use with Bro scripts, such as the Anomali Threat Intelligence Platform.