OPEN NDR PLATFORM
Corelight combines the best in open-source technologies, fusing Suricata alerts with Zeek network data, then adding Smart PCAP for complete threat investigation.
OPEN NDR PLATFORM
Corelight transforms network and cloud activity into evidence. Easily deployed and available in on-prem and SaaS-based formats, Corelight combines the power of open source and proprietary technologies to deliver a complete Open Network Detection & Response (NDR) Platform that includes intrusion detection (IDS), network security monitoring and Smart PCAP solutions.
WHY OPEN NDR
Network Detection and Response platforms monitor and analyze network traffic, delivering telemetry into existing SIEM, XDR, or SaaS-based solutions. Corelight’s platform is unique because our detections and visibility engineering are community driven—with continuous content creation from Zeek®, Suricata IDS, and other Intel communities. And our integration with CrowdStrike XDR enables cross platform (EDR+NDR) analytics. This provides you with the most complete network visibility, powerful analytics, and threat hunting capabilities, and accelerates investigation across your entire kill chain.
It starts with the right telemetry
Zeek is the gold standard in open source network security monitoring with more than 10,000 deployments worldwide.
Correlate alerts & packets into evidence
Corelight’s platform fuses alerts and packets with rich, interconnected context to create a single source of truth that attackers cannot alter.
Apply the right detection approach per threat
Leverage our machine learning, behavioral analytics, and other signatures to lower false positives and accelerate detection engineering response time.
Forrester rates Corelight a strong performer
Corelight received the highest scores possible in the criteria of
- Detection fidelity
- Egress and internal visibility
- Cloud
