Corelight has released improvements to its intrusion detection (IDS) subscription add-on. This allows the customer to replace her traditional IDS product.
New capabilities improve threat team efficiency by enabling teams to integrate security tools and generate alerts that are consolidated with the evidence needed to validate, triage, and remediate threats.
Additionally, Corelight takes a unique approach to IDS driven by Suricata IDS capabilities natively integrated with the open NDR platform.
That approach helped the company’s IDS subscription annual recurring revenue grow 75% year-over-year.
“Corelight’s NDR threat detection spans machine learning, behavioral models and signatures. The latter has also contributed significantly to our growth as more customers see the benefits of switching from standalone IDSs to an integrated NDR platform.” We are delighted to be here,” said Clint Sand. Senior Vice President of Products for Corelight.
“Generating alerts with the necessary evidence for validation and reconciliation dramatically reduces the noise and allows analysts to actually get to the alerts that matter.”
Corelight’s latest software release offers customers new IDS rule management capabilities and improved network visibility on devices, users, apps, and more, allowing customers to close the asset visibility gap and gain immediate asset context. We are positioned to add to the company’s growth trajectory by helping expedite investigations through .
“Once an alert is raised, the real investigative work begins. Analysts need fast and accurate answers about which assets were involved or exposed during an incident. While providing visibility, it also helps us understand asset activity over time,” says Sand.
“This eliminates the need for additional pivots and asset lookups, and can also reveal entities that traditional asset inventory management systems miss.”
Corelight is headquartered in San Francisco and was founded by the creators of Zeek.
This open-core security company transforms network and cloud activity into evidence that security teams can use to proactively hunt for threats, accelerate incident response, gain full network visibility, and create powerful analytics. I am working on doing it.
The company’s global customers include Fortune 500 companies, government agencies and universities.
Corelight’s latest software release offers two key benefits:
- Management and data export upgrades to software sensors.
- Option to deploy Corelight NDR. This allows customers to leverage their existing hardware investments for on-premises deployments to reduce costs.
Corelight also offers a variety of sensor form factors covering enterprise data centers, cloud workloads, and more.
The company’s flagship subscription service includes new Corelight Entity Collection insights at no additional charge.
However, Suricata IDS functionality, including the new rule management capabilities shipped in the latest release, is available as an add-on subscription.