Corelight Extends Open NDR Platform with New Software Sensor, Expands Security Visibility and Advanced Event Analysis Across Hybrid, Multi-Cloud Environments
Corelight, provider of the industry’s first open network detection and response (NDR) platform, released new capabilities that provide users with greater network security visibility and the ability to support advanced threat analysis across their entire environment, from physical to cloud. Corelight’s new Software Sensor and Corelight Cloud Sensor for Google Cloud Platform (GCP) deliver comprehensive security insights into network traffic on any platform.
“Organizations today are faced with the challenge of limited visibility across distributed locations, or they have built their network infrastructure in the cloud using Google Cloud or other platform providers,” said Vijit Nair, senior director of product management for Corelight. “With the Corelight Software Sensor and Corelight Cloud Sensor for GCP, customers can now confidently normalize their network visibility across all platforms and truly benefit from Corelight ‘anytime, anywhere.'”
Recommended AI News: NetSPI Adds to Leadership Team to Support Continued Focus on Customer Success
The Corelight Software Sensor is a lightweight standalone application, which can be deployed on any Linux platform, in containers or in the cloud, and is suitable for remote branch offices or low-bandwidth sites. In addition, the Corelight Software Sensor integrates easily with, and provides streaming log support for, Kafka, JSON, Splunk, REDIS, and syslog.
The Corelight Cloud Sensor for GCP brings high-performance Zeek monitoring to the cloud, making it possible to ingest traffic directly from GCP Packet Mirroring for compute or Kubernetes instances, or from third-party agents. In addition, the Corelight Cloud Sensor for AWS is now available for deployment with AWS GovCloud, making it compliant with US government security standards for federal agencies and other government organizations.
Today’s launch also extends Suricata integration across the full portfolio of physical Corelight sensors. Initially made available only on the Corelight AP 3000, Suricata support is now available to customers using the Corelight AP 200 and Corelight AP 1001. This ensures that more organizations will benefit from native Zeek and Suricata integration, resulting in superior combined performance, fused datasets for faster investigations and simplified data export controls.
“We are thrilled to extend Suricata support across the full portfolio of Corelight sensors,” said Sarah Banks, senior director of product management for Corelight. “The combined power of Zeek and Suricata means that security teams can turn discoveries into automated threat detections, saving them time and ensuring identification of real threats in real time.”