Company leverages SentinelOne's rich endpoint
and vulnerability management telemetry data within Corelight Sensor
to find and disrupt attacks
SAN FRANCISCO, Oct. 15, 2024 /PRNewswire/ -- Corelight, the
fastest growing provider of network
detection and response (NDR) solutions, today announced a
partnership with SentinelOne™ (NYSE: S), a global
leader in AI-powered security, to provide real-time enrichment of
Corelight logs. Combining endpoint and vulnerability data at the
point of observation in the network sensor will greatly reduce a
security team's mean time to detect (MTTD) and mean time to
recovery (MTTR). This native integration drives AI-powered SOC
transformation and helps customers disrupt future attacks.
SOC teams can now control the increasing
volume of alerts and confidently reduce dwell time for a more
secure posture.
According to interviews conducted for the Mandiant Global
Perspectives on Threat Intelligence report, 84% of respondents said
that they are concerned they may be missing out on threats or
incidents because of the number of alerts and data they are faced
with. The need for analysts to manually integrate data sources and
sort through alerts that may not be indicative of malicious
activity leads to increased response time, analyst fatigue and
staff turnover. By correlating data from Corelight and SentinelOne
at the sensor level, Corelight can simplify and streamline alert
triage and provide better context for threats that are traversing
or hiding in the network.
"Security teams can become overwhelmed with information across
the security stack and as a result can miss the most critical
alerts to action immediately," said Todd
Wingler, Corelight vice president global alliances and
channels. "By combining the insights from both Corelight Open NDR
and the SentinelOne Singularity Platform, we're empowering SOC
teams to accelerate investigations, reduce false positives, and
focus on the most critical indicators of compromise. This means
they can finally gain control over the increasing volume of alerts
and confidently reduce dwell time for a more secure posture."
By enriching Corelight logs with relevant endpoint data from
SentinelOne Singularity™ Endpoint, SOC analysts have a
comprehensive and holistic view of network activity across all
connected devices, including unsecured, unsupported, and previously
unmanaged endpoints, where EDR cannot be installed. Moreover, by
correlating Corelight alerts with endpoint vulnerabilities
identified by SentinelOne Singularity Vulnerability Management,
mutual customers can more effectively detect and prioritize threats
based on current risks to the environment. Pre-correlating data
directly in the sensor enhances alerts with additional context that
can help accelerate investigations, streamline incident response
and reduce the distraction of alerts that can be deprioritized.
"For effective enterprise security, comprehensive visibility
across the network and each connected device is paramount," said
Melissa K. Smith, vice president of
Technology Partnerships & Strategic Initiatives, SentinelOne.
"As the fastest growing endpoint company and a top choice of
customers around the world, SentinelOne sets the standard for
endpoint protection. By integrating our AI-powered Singularity
Platform with Corelight's industry-leading network intelligence,
SOC teams get deeper insights into existing and novel threats with
broader detection coverage and faster investigations."
Learn more about how Corelight and SentinelOne together
provide a comprehensive view of enterprise security.
Corelight provides security teams with network evidence so they
can protect the world's most critical organizations and companies.
Corelight's global customers include Fortune 500 companies, major
government agencies, and large research universities. Based in
San Francisco, Corelight is an
open-core security company founded by the creators of Zeek, the
widely-used network security technology. For more
information, visit www.corelight.com.
SOURCE Corelight