Augment Network Visibility and Accelerate Incident Response with Keysight and Corelight

Corelight delivers a comprehensive suite of network security analytics that help organizations identify more than 75 adversarial TTPs across the MITRE ATT&CK® spectrum. These detections reveal known and unknown threats via hundreds of unique insights and alerts across machine learning, behavioral analysis, and signature-based approaches. Corelight depends on Keysight TAPs and intelligent NPBs to deliver efficient and scalable access to all data traffic across physical, virtual, cloud and hybrid infrastructure. Corelight out-of-band sensors parse all the copied traffic, turning it into rich, correlated, security-specific evidence that goes back months, not days.

Corelight Sensors 

Security Operations Center (SOC) and security teams are at the forefront of ensuring an organization’s safety. Here’s how they can overcome key challenges:

Network Visibility: By having complete access to packet data and network traffic, blind spots are eliminated.

Analytics: Through correlating context and integrating information, the team gets a complete picture, streamlining their processes.

Investigations: By effectively prioritizing alerts, investigation times are significantly reduced.

Threat Hunting: With increased agility and context for hunting, disruptive strategies are created, adding an additional layer of security.

Integration Highlights

  • Real-time, pervasive visibility into network activity across physical, virtual, public, and hybrid infrastructures
  • Efficient, intelligent and scalable delivery of just the right data to Corelight Sensors for analysis 
  • Comprehensive detections with network context lower response times
  • Lightweight network metadata enables threat hunting and speeds incident response

Corelight: Open NDR with Next-Level Analytics

Corelight Investigator combines the power of our Open NDR Platform with machine learning and other analytics into an easy-to-use, quick-to-deploy SaaS solution. We simplify SOC workflows to give your team valuable time back to triage and respond with confidence. Disrupt attacks by shifting from low-priority, reactive tasks to high-impact, proactive defense.

Follow the Evidence

The powerful intersection between network visibility and machine analytics.

The only evidence-first threat investigation platform

Investigator is a SaaS-based network detection and response (NDR) solution that combines comprehensive network evidence with machine learning and other analytics, integrated into a fast, intuitive search platform, to accelerate threat hunting and incident response and to consolidate legacy toolsets.


Keysight Enables Scalable Efficient Access to All Network Traffic For Security Analysis

The Keysight intelligent network visibility platform complements and augments Corelight’s Open NDR Platform by extending efficient access to all physical, virtual, and cloud traffic needed for analysis.

Together, Keysight and Corelight empower security teams to see and make sense of their network traffic at the speed of attack, leaving no stone or packet unturned: 

Keysight network TAPs (copper, fiber, industrial, virtual, or cloud) are deployed for reliable access to 100% of the traffic anywhere in the network. Purpose-built Keysight Vision network packet brokers (NPBs) are positioned out-of-band between the traffic acquisition points and Corelight Sensors, and they can perform several functions:

– Aggregate traffic from multiple network TAPs and switched port analyzer (SPAN) ports

– Optimize the flow of aggregated traffic by eliminating duplicate packets and filtering out traffic data that is not needed for security analysis

– Replicate, load balance, and forward optimized traffic to one or multiple Corelight Sensors and other tools as needed

Keysight Vision Orchestrator acts as the central point of management, automation, and orchestration of all Keysight visibility solutions. This enables organizations to scale and operate their Keysight visibility solutions across their entire environment with ease.


Corelight’s Open NDR Platform takes the network and cloud traffic acquired and optimized by Keysight and transforms it into comprehensive, correlated evidence that provides unparalleled visibility into the network. This evidence allows security teams to unlock new analytics, investigate faster, hunt like an expert, and even disrupt future attacks.