CONTACT US
forrester wave report 2023

Forrester rates Corelight a strong performer

GET THE REPORT

ad-nav-crowdstrike

Corelight now powers CrowdStrike solutions and services

READ MORE

ad-images-nav_0013_IDS

Alerts, meet evidence.

LEARN MORE ABOUT OUR IDS SOLUTION

ad-images-nav_white-paper

5 Ways Corelight Data Helps Investigators Win

READ WHITE PAPER

glossary-icon

10 Considerations for Implementing an XDR Strategy

READ NOW

ad-images-nav_0006_Blog

Don't trust. Verify with evidence

READ BLOG

ad-nav-NDR-for-dummies

NDR for Dummies

GET THE WHITE PAPER

video

The Power of Open-Source Tools for Network Detection and Response

WATCH THE WEBCAST

ad-nav-ESG

The Evolving Role of NDR

DOWNLOAD THE REPORT

ad-images-nav_0006_Blog

Detecting 5 Current APTs without heavy lifting

READ BLOG

g2-medal-best-support-ndr-winter-2024

Network Detection and Response

SUPPORT OVERVIEW

 

Case Studies

Faster response times. Powerful threat hunting capabilities.

Zeek® is used by thousands of organizations around the world to extract meaningful data from network traffic in real time. Here are a few examples of real world implementations.

Federal agency

The challenges of real-time DNS transaction data meant analysts spent 20 minutes manually aggregating data for every event. They deployed a Corelight Sensor with Splunk to monitor east-west traffic to get direct access to the right data.

  • Gained full visibility into their DNS data
  • Reduced average response time by 80%

Download the case study

Major manufacturer takes Zeek to the next level

After years of working with Zeek, the manufacturer wanted to migrate to a much higher throughput connection while minimizing packet loss. Corelight was the answer, delivering a true enterprise-grade, high-performance Zeek solution that was far easier to manage.

Download the case study

Education First resolves incidents up to 20x faster

Education First is a global firm with 40,000 employees. After deploying Corelight Sensors, their security team saw incredible impact. Their average incident response time dropped from hours to minutes thanks to Corelight’s network logs that allowed them to make lightning-fast sense of their traffic.

Download the case study

Global law firm unlocks threat hunting capabilities

The law firm wanted a threat hunting solution based on network traffic analysis to provide real-time, comprehensive insight into traffic spanning multiple data centers and satellite offices around the world that collectively saw throughput speeds of up to 6 Gbps.

Download the case study

Top-tier research university builds custom detection scripts

A top research university's network footprint spans multiple campuses, with average utilization exceeding 35 Gbps. They wanted to build more custom detection scripts, but their netflow records and server and firewall logs did not offer rich enough data to accomplish this. Corelight's Zeek logs did.

Download the case study

How Corelight cured an energy company's SOC of a serious SMB headache

A Security Engineer at one of the world's largest energy companies found Corelight through his prior experience running Zeek, an open-source network security monitoring framework. The Security Engineer worked on an agile security engineering team within the organization's Security Operations Center (SOC) and managed network forensics across multiple regional offices.

Download the case study

Energy company fills critical gap

A major energy company needed greater visibility into their internal networks, as well as DNS and DHCP traffic. To resolve this significant gap in coverage, they turned to Corelight's exceptional, easily correlated security data, which they used for other unplanned use cases including incident response.

Download the case study

IT infrastructure firm moves faster

A leading global services and software company had been using Zeek for a decade, but they needed a commercial solution to cover their large operation from all kinds of threats. Upgrading to Corelight was easy, as they only had to make minor changes to their existing workflows.

Download the case study

Education organization achieves more rapid attack response

Grand Canyon Education trades black box NDR for Corelight's open source platform to get transparent and actionable detection logic for swift, confident response decisions.

Download the case study