Corelight's industry-leading Open NDR solution
delivers pre-correlated detections and out-of-the-box workflows to
accelerate security operations
SAN FRANCISCO, May 7, 2024 /PRNewswire/ -- Corelight, the
leader in open network detection and response (NDR), today unveiled
an out-of-the-box connector to ingest real-time and enriched
network data into CrowdStrike Falcon® Next-Gen SIEM. This native
integration unifies Corelight third-party detections and data with
CrowdStrike's security and threat intelligence data to drive
AI-powered SOC transformation and help customers disrupt future
attacks.
"Security operations teams need the best evidence to find and
disrupt attacks," said Brian Dye,
CEO of Corelight. "The combination of Corelight's network insight
and CrowdStrike's Next-Gen SIEM allows defenders to minimize
attacker dwell time and close out cases faster."
Native integration between the two platforms, combined with
Corelight's open approach to detections and evidence, delivers true
ground truth for next-gen SIEM workflows. By leveraging open source
technology such as Zeek and Suricata, organizations can tap
into over two decades of insights from elite defenders and achieve
95% faster average response time. Falcon Next-Gen SIEM delivers
more capabilities and up to 150x faster search performance than
legacy SIEMs and solutions positioned as SIEM alternatives, at an
80% lower total cost of ownership.
The new integration leverages CrowdStrike platform data, threat
intelligence, AI, and workflow automation in Falcon Next-Gen SIEM,
helping security teams orchestrate defenses, enable risk-based
alert triage to prioritize exploits against known vulnerable hosts,
and reduce asset inventory gaps through the identification of
unmanaged endpoints on the network. Together, this enables
customers to:
- Find and investigate evasive threats with AI-powered detections
and full contextual insights from Corelight directly within the
Falcon platform;
- Accelerate deployment with over 20 native dashboards, 25
correlation rules, and 60 queries designed specifically for
Corelight third-party data;
- Unify SOC data and consolidate legacy network security
solutions to improve operational efficiency.
"Today's SOC needs to operate faster than the adversary.
Next-Gen SIEM will deliver the speed security analysts need to
rapidly detect, investigate and respond to attacks," said
Daniel Bernard, chief business
officer, CrowdStrike. "Our integration with Corelight expands the
ecosystem of third-party sources supporting Falcon Next-Gen SIEM,
adding valuable context to the rich telemetry of the Falcon
platform."
This integration is the latest development in the long-standing
collaboration between Corelight and CrowdStrike. CrowdStrike's
Falcon Fund is an investor in Corelight, and has previously
partnered with the company to deploy Corelight NDR technology in
customer engagements when delivering Incident Response, Compromise
Assessment, and Network Security Monitoring services.
The Corelight product integration is available today from the
Corelight partner listing on the CrowdStrike Marketplace.
Learn more about why Corelight is the data of choice for
next-gen SIEM.
About Corelight
Corelight transforms network and cloud activity into evidence
that security teams use to proactively hunt for threats, accelerate
response to incidents, gain complete network visibility and create
powerful analytics. Corelight's global customers include Fortune
500 companies, major government agencies, and large universities.
Based in San Francisco, Corelight
is an open-core security company founded by the creators of Zeek®,
the widely-used network security technology. For more information,
visit https://corelight.com or follow @corelight_inc.
SOURCE Corelight, Inc.