Corelight Open NDR

Accelerate threat detection and response

Corelight Open Network Detection and Response combines rich network telemetry with world-class endpoint and threat intelligence from CrowdStrike to detect breaches across environments. Leveraging CrowdStrike Falcon® Intelligence, Corelight correlates detection rules and indicators of compromise (IOCs) with observed network behavior, resulting in Zeek evidence, Suricata alerts, selective packet captures, and extracted files which can then be pushed to SIEMs, log management systems, and analysis tools.

01
Security for every device
Radically improve network detection coverage, especially for high-value assets, unmanaged devices, cloud and IoT
02
Accelerate response and enable hunting
Correlate alerts with comprehensive evidence and endpoint insights for breadth and context
03
Unified threat intelligence
Leverage Falcon Intelligence Premium detections and IOCs across endpoints and networks to simplify and amplify threat detection

More from Corelight

Corelight Data Connector

Enhance Falcon Insight XDR detections with Corelight NDR data

Corelight Network Security for Falcon LogScale

Ingest, analyze, and visualize Corelight data in Falcon LogScale

Corelight Sample Data for Falcon LogScale

Sample data snapshot of Corelight network detection information in Falcon LogScale

Corelight Open NDR

Accelerate threat detection and response

Security for every device

Accelerate response and enable hunting

Unified threat intelligence

More from Corelight

Corelight Data Connector

Corelight Network Security for Falcon LogScale

Corelight Sample Data for Falcon LogScale

Join our open cybersecurity ecosystem of best-of-breed solutions to drive innovation and stop breaches.