ZEEK

With more than 10,000 deployments worldwide, Zeek® is the world's most widely used network security monitoring platform and is the foundation for Corelight evidence.

The gold standard for network monitoring

Zeek transforms network traffic into compact, high-fidelity transaction logs, allowing defenders to understand activity, detect attacks, and respond to them. Zeek sits out-of-band, on-prem or in the cloud. It gathers metadata and extracted files, and formats everything for input into any SIEM or XDR. Zeek provides the evidence that is foundational to Corelight’s Open NDR Platform.

The best network monitor, upgraded

 

See how Zeek works

EVIDENCE

Zeek

Zeek delivers the metadata and files that are essential components of Corelight evidence. It provides a complete, accessible view of every connection for analysis, investigation, and hunting. Learn about Zeek on Windows.

Free Zeek cheatsheets

A selection of cheatsheets for understanding what’s in Zeek metadata. 

Close the case on ransomware

In high-stakes ransomware investigations, many security teams are unable to answer key questions and default to worst-case assumptions. With complete visibility from Corelight, teams can avoid costly overreactions. One customer, when confronted with a $10 million ransomware demand, used Corelight to prove that the exfiltrated data being held for ransom had no real value, which also provided legal air cover for refusing to pay the ransom.
