尋找感興趣的產品?
Corelight
Augment network visibility and accelerate incident response with Keysight and Corelight
Corelight delivers a comprehensive suite of network security analytics that help organizations identify more than 75 adversarial TTPs across the MITRE ATT&CK® spectrum. These detections reveal known and unknown threats via hundreds of unique insights and alerts across machine learning, behavioral analysis, and signature-based approaches. Corelight uses Keysight TAPs and intelligent NPBs to deliver efficient and scalable access to all data traffic across physical, virtual, cloud and hybrid infrastructure. Corelight out-of-band sensors parse all the copied traffic turning it into rich, correlated, security-specific evidence that goes back months, not days.
Corelight Sensors
Security Operations Center (SOC) and security teams are at the forefront of ensuring an organization’s safety. Here’s how they can overcome key challenges:
Network Visibility: By having complete access to packet data and network traffic, blind spots are eliminated.
Analytics: Transforming raw data into contextual network evidence gives teams the insight needed for superior protection.
Investigations: Effectively prioritizing alerts greatly reduces investigation times and alert fatigue.
Threat Hunting: Rich, correlated network evidence that goes back months, not days, reveals hidden threats.
Integration Highlights
- Real-time, pervasive visibility into network activity across physical, virtual, public, and hybrid infrastructures
- Efficient, intelligent and scalable delivery of just the right data to Corelight Sensors for analysis
- Comprehensive detections with network context lower response times
- Lightweight network evidence enables more effective threat hunting and speeds incident response
Follow the evidence
The powerful intersection between network visibility and machine analytics.
Corelight Investigator is a powerful SaaS platform that delivers comprehensive network evidence, advanced detections, and integrated threat intelligence in a single, easy-to-use interface. Built on open standards like Zeek and Suricata, Investigator provides deep visibility into network activity without the complexity of traditional tools. Investigator combines high-fidelity network telemetry with context-rich threat hunting workflows—enabling faster investigations, reduced dwell time, and greater confidence in decision-making for security teams.
Corelight: Open NDR with Next-Level Analytics
Corelight Investigator combines the power of our Open NDR Platform with machine learning and other analytics into an easy-to-use, quick-to-deploy SaaS solution. We simplify SOC workflows to give your team valuable time back to triage and respond with confidence. Disrupt attacks by shifting from low-priority, reactive tasks to high-impact, proactive defense.
Keysight Enables Scalable Efficient Access to All Network Traffic for Security Analysis
The Keysight intelligent network visibility platform complements and augments Corelight’s Open NDR Platform by extending efficient access to all physical, virtual, and cloud traffic needed for analysis.
Together, Keysight and Corelight empower security teams to see and make sense of their network traffic at the speed of attack, leaving no stone or packet unturned:
Keysight network TAPs (copper, fiber, industrial, virtual, or cloud) are deployed for reliable access to 100% of the traffic anywhere in the network. Purpose-built Keysight Vision network packet brokers (NPBs) are positioned out-of-band between the traffic acquisition points and Corelight Sensors, and they can perform several functions:
- Aggregate traffic from multiple network TAPs and switched port analyzer (SPAN) ports
- Optimize flow of aggregated traffic by eliminating duplicate packets and and filtering unnecessary traffic data that is not needed for security analysis
- Replicate, load balance, and forward optimized traffic to one or multiple Corelight Sensors and other tools as needed
Keysight Vision Orchestrator acts as the central point of management, automation, and orchestration of all Keysight visibility solutions. This enables organizations to scale and operate their Keysight visibility solutions across their entire environment with ease.
Disrupt Attacks with Network Evidence
Corelight’s Open NDR Platform takes the network and cloud traffic acquired and optimized by Keysight and transforms it into comprehensive, correlated evidence that provides unparalleled visibility into the network. This evidence allows security teams to unlock new analytics, investigate faster, hunt like an expert, and even disrupt future attacks.
Keysight Network Packet Brokers
Keysight’s Vision Network Packet Brokers provide real-time, end-to-end visibility into physical, virtual, SDN and NFV based networks, and can aggregate traffic from multiple TAPs or SPAN ports, with purpose-built dedicated hardware in their physical packet brokers that ensure zero packet loss.
Want help or have questions?