|
Corelight Enhances Network Visibility and Detection Coverage with Insights from Microsoft Defender
Wednesday, January 22, 2025
New integration provides security teams with more precise and accelerated investigations to help defend against the complex threat landscape
SAN FRANCISCO, Jan. 14, 2025 /PRNewswire/ -- Corelight, the fastest growing provider of network detection and response (NDR) solutions, today announced that data from Microsoft Defender for Endpoint and Microsoft Defender Vulnerability Management will now feed directly into Corelight's sensors. With these new insights, organizations are able to cut mean time to detection and increase security operation center (SOC) efficiency with powerful risk-based alert prioritization across on-premises and multi-cloud environments, enabling faster, more accurate investigations.
Security teams often struggle to maintain a strong, secure posture because they don't have the right information to triage the unrelenting stream of alerts quickly and effectively from an increasingly complex network environment. The SANS Institute found that most SOC teams rely on alerts from their endpoint security to trigger incident response. The integration of data from Microsoft Defender for Endpoint and Microsoft Defender Vulnerability Management enriches Corelight logs with relevant, real-time data that allows SOC teams to streamline incident response and boost analyst productivity by focusing on their organizations' most critical vulnerabilities and risks.
"By integrating with Defender for Endpoint and Defender Vulnerability Management, we are helping combat analyst fatigue from inefficiencies in the SOC and helping teams defend against adversaries adept at avoiding endpoint detection and response (EDR) solutions. With Corelight's advanced network telemetry, security teams can now easily identify unknown systems across the environment that can then be inventoried and managed by Microsoft Defender," said Todd Wingler, Corelight vice president, global alliances and channels. "Corelight is now the only NDR vendor to provide real-time enrichment of its network telemetry with endpoint and vulnerability data from the top three EDR vendors at the point of network observation, enabling our customers to conduct more streamlined investigations resulting in quicker remediation."
A unified view of this data allows SOC teams to conduct:
-- Enhanced Detections: Corelight's network telemetry with Microsoft
Defender endpoint and vulnerability data provides users with prioritized
alerts based on environmental risks at the point of observation on the
network.
-- Streamlined response and asset inventory: By enriching Corelight logs
with unique device IDs from Microsoft Defender for Endpoint, SOC teams
can pivot seamlessly between NDR and EDR telemetry to accelerate
investigations and streamline incident response.
-- Expanded visibility: Leveraging Corelight's expansive network telemetry,
users can now gain enhanced visibility into all devices, including
unmanaged and unknown endpoints.
"By integrating EDR and vulnerability management data from Microsoft Defender into Corelight's network sensors, analysts are empowered to streamline their investigations with enriched endpoint insights to create a more secure network," said Alon Rosental, general manager, Defender for Endpoint at Microsoft Corp.
Learn more about how Corelight and Microsoft Defender for Endpoint and Defender Vulnerability Management provide enhanced visibility across all environments here.
About Corelight
Corelight transforms network and cloud activity into evidence that security teams use to proactively hunt for threats, accelerate response to incidents, gain complete network visibility and create powerful analytics. Corelight's global customers include Fortune 500 companies, major government agencies, and large universities. Based in San Francisco, Corelight is an open-core security company founded by the creators of ZeekĀ®, the widely-used network security technology. For more information, visit https://corelight.com or follow @corelight_inc.
View original content to download multimedia:https://www.prnewswire.com/news-releases/corelight-enhances-network-visibility-and-detection-coverage-with-insights-from-microsoft-defender-302349806.html
SOURCE Corelight
|
|
|
|
|
|
 |
VIAVI Highlights Test Solutions for AI Infrastructure Development, Manufacturing and Deployment at OFC 2025 | Mar 28, 2025
|
|
Oracle Helps Customers Boost Employee Engagement with Strategic Communications and Internal Events | Mar 28, 2025
|
|
ThreatQuotient positioned as a Leader in the SPARK Matrix(TM): Digital Threat Intelligence Management, 2025 by QKS Group | Mar 28, 2025
|
|
Orium Launches Composable Accelerator for Shopify | Mar 28, 2025
|
|
Madame Rachida Dati, French Minister of Culture, has granted official recognition to thierry Ehrmann's Abode of Chaos as a 'total work of art', the global headquarters of Artprice by Artmarket. | Mar 28, 2025
|
|
Datacenter Dynamics Makes History with LoneStar - Becoming the World's First Magazine to Reach the Moon | Mar 28, 2025
|
|
Nosto reports 323% growth of Personalized Search after 2024 Gartner MQ inclusion | Mar 28, 2025
|
|
Western Union forms strategic partnership with HCLTech to transition to an AI led platform operating model | Mar 28, 2025
|
|
Wealthbox Expands to Canada with In-Country Data Hosting | Mar 28, 2025
|
|
Oracle Named a Leader in Configure, Price, Quote by Independent Research Firm | Mar 28, 2025
|
|
|
|
