Corelight

We make the world’s networks safer.

Attackers hide in network blindspots and noise. To illuminate them, Corelight transforms packets into rich logs, extracted files, and custom insights. Corelight is powered by open-source Zeek / Bro, a platform used by thousands of organizations and supported by decades of community development.

CLOUD SENSOR

null

  1. Deploys in AWS or Azure
  2. Ingests traffic via native traffic mirrors (AWS only) or agent-based solutions
  3. Rapid deployment

Corelight makes sense of traffic in the cloud, fast......

Designed specifically for security needs, the Corelight Cloud Sensor delivers high-fidelity data for incident response, intrusion detection, forensics. It parses dozens of network protocols for a rich, actionable picture of traffic, empowering security analysts to make sense of traffic and respond to attacks far faster.

Powerful encrypted traffic insights, without breaking and inspecting.

Attackers hide in network blindspots and noise. To illuminate them, Corelight transforms packets into rich logs, extracted files, and custom insights. Corelight is powered by open-source Zeek / Bro, a platform used by thousands of organizations and supported by decades of community development.

Sensor Appliances

  1. 25 Gbps+ monitored traffic
  2. 1U rack mounted appliance
  3. 15 minute out-of-band deployment

The Corelight AP 3000 Sensor is our most powerful appliance, designed to monitor network speeds up to 25 Gbps.

Simple to deploy and integrate with existing analysis tools, the AP 3000 transforms network traffic on very high bandwidth links into high-fidelity data for incident response, intrusion detection, forensics and more. The AP 3000 Sensor parses dozens of network protocols and generates rich, actionable data streams designed for security professionals by security professionals.

  1. Up to 2 Gbps monitored traffic
  2. 1U half-depth rack mounted appliance
  3. 15 minute out-of-band deployment

The Corelight AP 200 Sensor is ideal for branch offices or high value enclaves that need comprehensive network monitoring.

Simple to deploy and integrate with existing analysis tools, the AP 200 transforms up to 2 Gbps of network traffic into high-fidelity data for incident response, intrusion detection, forensics and more. The AP 200 parses dozens of network protocols and generates rich, actionable data streams designed for security professionals by security professionals.

Powerful encrypted traffic insights, without breaking and inspecting.

Attackers hide in network blindspots and noise. To illuminate them, Corelight transforms packets into rich logs, extracted files, and custom insights. Corelight is powered by open-source Zeek / Bro, a platform used by thousands of organizations and supported by decades of community development.

Virtual Sensor

  1. Requires VMware ESXi 6.0 or above or Hyper-V on Windows Server 2016
  2. Up to 2 Gbps per instance
  3. Capacity licensed (independent of instances)
  4. 15 minute out-of-band deployment”

The Corelight Virtual Sensor is our most flexible form factor, designed to monitor traffic anywhere at speeds up to 2 Gbps using scalable configurations for VMware or Hyper-V.

The Corelight Virtual Sensor transforms network traffic into high-fidelity data for incident response, intrusion detection, forensics and more. The Corelight Virtual Sensor parses dozens of network protocols and generates rich, actionable data streams designed for security professionals by security professionals.

Powerful encrypted traffic insights, without breaking and inspecting.

Supersecure your data with Corelight

Request Demo