About Corelight
Corelight gives defenders unparalleled insight into their networks, helping protect the world’s most critical organisations and companies. Based in San Francisco, Corelight is an open-core company founded by the creators of Zeek, the widely-used NSM tool. Corelight helps proactive defenders, facing relentless, asymmetric threats, to reach, secure and hold the high ground by extracting, connecting, and analysing network evidence to gain enduring, structural advantage.
Insight
See everything that happens on your network. Capture, connect, and interpret the evidence that matters. Iterate analysis over time as threats evolve
Durability
Own your data across years and platforms. Adapt together with a strong open-source community. Build your stack on flexible, time-tested technology.
Acceleration
Amplify downstream analysis with structured data. Fuse hunting and response like the world’s best blue teams. Deepen defenses with custom capabilities and detection.
The Market Opportunity
Network Detection and Response (NDR) is a cyber security technology enabling organisations
to monitor network traffic for malicious or suspicious behavior, and to respond to cyber
threats to the network as they are detected. Gartner defined the NDR solution category in 2020, renaming a previous category, “Network Traffic Analysis”. It forms part of the SOC visibility triad of SIEM/UEBA, NDR and EDR, and is essential in order to cover the breadth of TTPs in the Mitre Att@ck Framework. Currently, in EMEA, the NDR market is valued above $1B.
Open NDR - The Benefits
Reduce Strategic Security Risk
- Coverage for the Mitre Att@ck framework beyond EDR’s reach
Reduce Strategic Security Risk
- Security-relevant data - everything you need, and nothing you don’t
- Structured and interlinked data for fast pivoting
- Logs going beyond the norm - curated, structured data sets
Accelerated security investigations
- Up to 20 times faster
- Compact data model allowing you to retain logs going back months or years
Novel and behavioral threat detection
- Insights into encrypted traffic
What Do Corelight Customers Say?
Corelight’s Open NDR platform delivers tremendous value to enterprise and government customers in many ways, but primarily through more efficient and effective security operations.
Open NDR provides relevant, curated, structured and interconnected data, derived from network traffic, allowing incident responders and threat hunters to resolve investigations more quickly.
This reduces the operational and strategic risks faced by most modern organisations. In turn, the probability of severe compromise is reduced. As with most security solutions, that makes explicitly quantifying the value realised more challenging. However, this document will illustrate the ways in which Corelight’s Open NDR Platform will deliver quantifiable business value to your organisation.
Learn More
Download these fabulous resources to get more information on Corelight products and services
Learn More
Download these fabulous resources to get more information on Chronicle’s products and services
