CONTACT US
CONTACT US

START HERE

Evidence-based security

 

WHY CORELIGHT

Complete visibility

Next-level analytics

Faster investigation

Expert hunting

    CORELIGHT LABS

    Recent research

    Mission and team

    Insights

    Polaris program

      TRENDING TOPICS

      Encrypted traffic

       

      VERTICALS

      Federal
        ad-images-nav_0001_SANs thumb

        SANS Protects: The Network

        DOWNLOAD WHITE PAPER

        ad-images-nav_0009_Threat-hunting-guide

        Threat hunting guide

        GET THE GUIDE

        OVERVIEW

        Open NDR Platform

        Analytics & detections

         

        PRODUCTS

        Zeek

        IDS

        Smart PCAP

        Investigator

          SENSORS

          Appliances

          Cloud

          Software

          Virtual

          Fleet Manager

          View all products

            SERVICES

            Training

             

            ALLIANCES

            CrowdStrike

            Mandiant

            Microsoft

            Splunk

            View all

             

            USE CASES

            Case Studies

            View all
              ad-nav-crowdstrike

              Corelight now powers CrowdStrike solutions and services

              READ MORE

              ad-images-nav_0013_IDS

              Alerts, meet evidence.

              LEARN MORE ABOUT OUR IDS SOLUTION

              ad-images-nav_white-paper

              5 Ways Corelight Data Helps Investigators Win

              READ WHITE PAPER

              BLOG

              Read the latest

                EVENTS

                Meet with us

                  DEMOS

                  Get a demo
                    ad-images-nav_0000_Thinking-like-a-threat-actor

                    Thinking like a Threat Actor: Hunting the Ghost in the Machine

                    WATCH THE WEBCAST

                    ad-images-nav_0006_Blog

                    Don't trust. Verify with evidence

                    READ BLOG

                    ABOUT US

                    About Corelight

                    Careers

                    Leadership

                    Investors

                    Newsroom

                    Apex Awards

                      CHANNEL PARTNERS

                      Partner Program

                      Deal registration

                      Partner Academy

                      Become a Partner
                          ad-nav-NDR-for-dummies

                          NDR for Dummies

                          GET THE WHITE PAPER

                          ad-nav-video

                          The Power of Open-Source Tools for Network Detection and Response

                          WATCH THE WEBCAST

                          ad-nav-ESG

                          The Evolving Role of NDR

                          DOWNLOAD THE REPORT

                          SUPPORT SERVICES

                          Open a ticket

                          Account login

                          Technical bulletins

                          Report a security vulnerability

                            WORLD-CLASS SUPPORT

                            Support overview
                                ad-images-nav_0006_Blog

                                Detecting 5 Current APTs without heavy lifting

                                READ BLOG

                                DEFENDING FEDERAL NETWORKS WITH OPEN NDR

                                A data-first approach that builds resiliency, expands capability, and advances the mission.

                                DOWNLOAD ONE PAGER NOW

                                 

                                 

                                fed-hero-evidence

                                 

                                Federal events & news

                                EVENT
                                Rocky Mountain Cyber Symposium
                                FEB 20–23, 2023
                                Colorado Springs, CO | Booth #51

                                Event details

                                EVENT
                                RSA Conference 2022
                                April 24–27, 2023
                                San Francisco, CA | Booth #1555

                                Event details

                                EVENT
                                AFCEA Technet Baltimore
                                May 2–4, 2023
                                Baltimore, MD | Booth #2745
                                Event details
                                BLOG POST
                                Government gets serious: deadlines for Zero Trust Architectures

                                Read more

                                Fed icon

                                Corelight's evidence-based Open Network Detection and Response (NDR) Platform delivers superior network visibility. With Corelight, federal security teams can find and investigate cyber incidents faster and more effectively because we provide the context and evidence surrounding the incident with a simple pivot. We’re experts on what matters to federal customers and partners, from compliance mandates to MTTD/MTTR metrics. No matter what you need, our ultimate goal is to help you build a resilient, operationally-directed security posture.

                                COMPLETE VISIBILITY | NEXT-LEVEL ANALYTICS | FASTER INVESTIGATION | EXPERT HUNTING 

                                ZERO TRUST

                                You can't protect what you don't know, making Zero Trust verifications a must. Zero Trust architectures demand continuous verification and deep, dark investigations—something only robust network visibility can provide. Corelight can show you your entire network, and everything on it, almost instantly.

                                DOWNLOAD WHITE PAPER

                                NETWORK MODERNIZATION

                                Executive Order 14028 brings an urgency to federal efforts to modernize cybersecurity and establish resiliency. Network Detection and Response can help agencies take advantage of the benefits of multi-cloud environments, while protecting vital assets and data.

                                OMB M-21-31 WHITE PAPER TIC 3.0 WHITE PAPER

                                CLOUD MIGRATION

                                Corelight offers sensors for AWS GovCloud, Azure Government, and Google Cloud that deliver the same comprehensive, correlated evidence as on-prem sensors do, and we’re constantly working on deeper integrations that enhance visibility and promote security insights. 

                                 

                                 

                                 

                                Integration with federal tools

                                Corelight’s Open NDR Platform integrates seamlessly with the platforms, partners, and frameworks your teams already use:

                                Splunk_logo (1)


                                Corelight’s Splunk app and deep integration with the Splunk Enterprise Security SIEM delivers essential network evidence to the modern security stack. Corelight automatically streams rich network telemetry to Splunk, and provides security teams with an unparalleled understanding of their network, along with actionable insights.

                                DOWNLOAD SOLUTION BRIEF
                                • Native Splunk SIEM export and CIM compliant
                                • Customize, filter, and control data ingest
                                • Corelight for Splunk app for threat hunting
                                • Feed Splunk Enterprise Security data models and dashboards.
                                • Splunk SOAR playbooks for automation.
                                • Splunk Machine Learning Toolkit ready

                                DOWNLOAD SPLUNK ENTERPRISE BRIEF

                                DOWNLOAD SOAR BRIEF

                                Bitmap-2


                                Corelight automatically streams rich evidence to Elastic Security, providing a broad, deep view of the network, as well as actionable insights that can reduce response time by 20x. The Corelight ECS Mapping streamlines the implementation of automated analysis, including machine learning-based anomaly detection and alerting.

                                • Native Elastic Security export, ECS compliant
                                • Pre-built Kibana dashboards for hunting
                                • Customize, filter, and control data ingest
                                • ElasticSearch machine learning-ready
                                DOWNLOAD SOLUTION BRIEF

                                MITRE ATT&CK®

                                MITRE ATT&CK® is an indispensable repository of tactics, techniques, and procedures (TTPs) that adversaries employ. Addressing the full spectrum of TTPs requires a host of different tools with different strengths and weaknesses. Corelight’s network evidence excels at illuminating the blindspots others can’t. 
                                ATT&CK

                                 

                                Compliance

                                Aligned to federal iniatives and requirements.
                                We know how to navigate the unique standards and requirements that are essential to the federal operating environment.

                                • Mapping to the MITRE ATT&CK® framework
                                • DHS Continuous Diagnostics and Mitigation (CDM)
                                • Adherence to Zero Trust tenets
                                • Network modernization
                                • Federal compliance requirements
                                Purchasing

                                How to buy
                                Federal agency customers can access Corelight solutions through a variety of channel partners and federal contract vehicles.

                                Certifications
                                • FIPS 140-2: Corelight Sensors comply with the Federal Information Processing Standard 140-2. Read more.
                                • National Information Assurance Plan Common Criteria: Corelight is NIAP CC certified. We can provide additional information on request.
                                • Authority to Operate: Corelight has been authorized for operational use by agencies in the DoD, IC, Federal Civilian sector, and companies in the defense industrial base (DIB).
                                • SOC2
                                • TAA
                                • GDPR

                                Have questions?

                                Talk with one of our experts today.

                                CONTACT US