What is Corelight?
Corelight is an evidence-based NDR (Network Detection and Response) platform designed to disrupt future attacks. It offers complete network visibility, advanced analytics, faster investigations, and expert threat hunting. With Corelight, you can detect hidden attackers, reduce triage time, and improve detection rates.
What are the features of Corelight?
- Complete Network Visibility: Gain months of data, not just days, for thorough analysis.
- Advanced Analytics: Increase MITRE coverage with machine learning and other tools.
- Faster Investigations: Lower MTTR (Mean Time to Resolution) and improve close rates.
- Expert Threat Hunting: Shorten dwell times and uncover hidden attacks.
What are the use cases of Corelight?
- Ransomware Investigations: Prove the value of exfiltrated data and avoid costly overreactions.
- Cloud Security: Improve visibility and disrupt attacks in the cloud with AWS Cloud Sensor.
- Threat Hunting: Find hidden attackers and reduce triage time by up to 50%.
How to use Corelight?
- Open NDR Platform: Use Corelight’s data aggregation capability to reduce network log volume by up to 80%.
- Static File Analysis: Improve detection rates by up to 35% with YARA integration.
- Guided Triage: Simplify network complexities with single-screen triage and AI.
