COMPREHENSIVE THREAT DETECTION
Corelight delivers a comprehensive suite of network security analytics that help organizations identify more than 75 adversarial TTPs across the MITRE ATT&CK® spectrum. These detections reveal known and unknown threats via hundreds of unique insights and alerts across machine learning, behavioral analysis, and signature-based approaches. We apply the best tool for the job, drawing on continuous detection engineering from the open-source community.
- Command-and-control (C2)
- Lateral movement
- Exfiltration over alternative protocol
- C2 over encrypted channel
- Lateral movement via SMB
Tools & exploits including:
- Cobalt Strike
Alerts that accelerate investigations
Corelight gives defenders direct access to the evidence behind every alert so they can make quick and accurate decisions that speed investigations and dramatically reduce response times.