Corelight
EndaceProbe Network History integrated with Corelight Sensors provides rich, contextual, network evidence to everyone in the SOC for fast and accurate decisions even with the most challenging threats.
Corelight Sensors are built on Zeek (formerly known as Bro), the powerful and widely used open source network analysis tool. Thousands of organizations use Zeek to generate actionable, real-time network data for their high-performance security teams. Zeek extracts over 400 fields directly from network traffic in real time. Zeek logs are structured and interconnected specifically to support threat hunting and incident resolution.
Why Deploy EndaceProbes with Corelight sensors?
- Resolve incidents up to 20x faster with structured network insights and one-click access from security events to related packet evidence
- Enterprise-class deployment, performance and management of Zeek
- Expand threat coverage by deploying Corelight Virtual Sensors on any EndaceProbe without truck rolls or complicated hardware deployments
Integrating Corelight with EndaceProbes
For more technical details on integrating Corelight with EndaceProbes, please log in to the Endace Support Portal. If you do not have a Support Portal account, you can request one here.
Delivering Network Insights for Rapid Investigation and Response with Corelight, Garland Technology and Endace
Read this Solution Brief to find out how the combination of EndaceProbes, Corelight Sensors and Garland Technology TAPs and Packet Brokers can deliver complete network visibility scalably, reliably and cost-effectively.
How about a Demo?
Interested in finding out how you can combine Corelight with EndaceProbes to enable powerful, structured network insights for Incident Response and Threat Hunting?
Or would you like a demo?