Corelight Sensors transform network traffic into rich logs, extracted files, and custom insights via Zeek (formerly known as Bro), a powerful, open-source network security monitor used by thousands of organizations worldwide. Make quick sense of traffic so you can resolve incidents faster and threat hunt more effectively.
Watch our webcast to learn how it works in AWS.
Education First is a global firm with 40,000 employees. After deploying Corelight Sensors, their security team saw incredible impact. The team needed a visibility and monitoring solution to provide real-time, actionable insight into network traffic spanning multiple business sites that each averaged approximately 1 Gbps of throughput.
Learn how Bro helps incident responders resolve threats quickly from the moment they get a new alert.
Bro is not another pane of glass or analytic stack. Instead it makes the stack you already have better. Whether you use Splunk, Elastic Stack, ArcSight, QRadar, Spark or just about anything else, ingesting Bro logs will give your threat hunters and incident responders more to work with.
Corelight Fleet Manager streamlines the deployment, configuration, and administration of Corelight Sensors across an organization, supporting all of your sensors from a single console including a operational health dashboard, RBAC, customizable configuration templates, and sensor health and performance monitoring.
Corelight Sensors now ship with the Core Collection, a family of Zeek packages curated and certified by Corelight for performance and stability that provide threat detection, data enrichment, and operational insight, such as SSL fingerprinting, port scanning detection, and the annotation of DNS host names to Zeek’s conn.log.
