
Corelight

Corelight is a network detection and response (NDR) platform built on the open-source Zeek (formerly Bro) network security monitor. It transforms raw network traffic into structured, high-fidelity security logs and analytics covering protocols including HTTP, DNS, SSL/TLS, SMB, SSH, and many others.
Corelight sensors provide rich network evidence including connection logs, file extraction, protocol analysis, and encrypted traffic analytics without decryption. The platform enhances Zeek with additional detections, machine learning analytics, and smart PCAP capabilities, giving security teams the network-level evidence they need for threat hunting, investigation, and detection of lateral movement.
Sophos Products: Sophos MDR/XDR Integrations
Partner Technology: Network & Infrastructure Security
Solution Category: Sophos MDR/XDR Integrations