NSM with Corelight Sensors based on Zeek gives a comprehensive picture of who’s doing what in your organization by capturing activities on the company network itself. Data extracted or derived from network traffic can be among the most important to solving security use cases because threats must traverse a network in order to achieve their purpose. It can be combined with other security-relevant data from cloud, endpoints, identity, and other sources to present a comprehensive view of an attack or incident, either in real-time or retrospective.
Start monitoring your network right away,
< 15 minutes deployment time.
Better data for lightning-fast investigation
Comprehensive data that covers dozens of network protocols in granular, actionable detail.
Formatted, organized, and interlinked data for easy, fast search.
Designed for automated analysis
Not only can you write powerful scripts that process the output of Zeek logs, but you can write scripts that run before the data is generated.
Custom scripts can also automate analysis tasks such as threat detection and network performance monitoring.