Powerful tool able to improve visibility, detection and response timing for real-time network traffic analysis up to 25 Gbps and for post-analysis related to threat management
Designed by the authors of the open source Zeek (formerly BRO): Corelight Network Security Monitor and Threat Detection, based on the creation of log reports, called BRO logs, for the most widespread protocols
Threat analyses that require hours using Snort, Argus, PCAP, Netflow and Syslog are obtained in minutes
The Turing-complete Zeek scripting language makes it possible to extend or enrich the protocols offered by default, such as IP, TCP, UDP, ICMP, SMB, SSH, RADIUS and tunneling
Corelight sensors integrate with the most widespread analytical data solutions including Splunk, Elastic, Kafka, Syslog, S3 and Exabeam
Hardware appliances: 2, 10 and 25 Gbps
Virtual sensor for VMware (ESXi 6.5 or later), from 250 Mbps to 2 Gbps
Faster response time (20x)
Better threat detection capacity (e.g. lateral movement)
Near zero packet loss
Target clients
- Government agencies
- High-end research centers
- Universities
- Global 2000 companies >$1bn in revenues
Customer needs
- Security architecture/engineering
- Incident response
- Threat hunting
- Data analysis and correlation aimed at detecting network threats