News

|

Feeds

|

Email

New integration provides security teams with more precise and accelerated investigations to help defend against the complex threat landscape

SAN FRANCISCO, Jan. 14, 2025 /PRNewswire/ -- Corelight, the fastest growing provider of network detection and response (NDR) solutions, today announced that data from Microsoft Defender for Endpoint and Microsoft Defender Vulnerability Management will now feed directly into Corelight's sensors. With these new insights, organizations are able to cut mean time to detection and increase security operation center (SOC) efficiency with powerful risk-based alert prioritization across on-premises and multi-cloud environments, enabling faster, more accurate investigations.

Security teams often struggle to maintain a strong, secure posture because they don't have the right information to triage the unrelenting stream of alerts quickly and effectively from an increasingly complex network environment. The SANS Institute found that most SOC teams rely on alerts from their endpoint security to trigger incident response. The integration of data from Microsoft Defender for Endpoint and Microsoft Defender Vulnerability Management enriches Corelight logs with relevant, real-time data that allows SOC teams to streamline incident response and boost analyst productivity by focusing on their organizations' most critical vulnerabilities and risks.

"By integrating with Defender for Endpoint and Defender Vulnerability Management, we are helping combat analyst fatigue from inefficiencies in the SOC and helping teams defend against adversaries adept at avoiding endpoint detection and response (EDR) solutions. With Corelight's advanced network telemetry, security teams can now easily identify unknown systems across the environment that can then be inventoried and managed by Microsoft Defender," said Todd Wingler, Corelight vice president, global alliances and channels. "Corelight is now the only NDR vendor to provide real-time enrichment of its network telemetry with endpoint and vulnerability data from the top three EDR vendors at the point of network observation, enabling our customers to conduct more streamlined investigations resulting in quicker remediation."

A unified view of this data allows SOC teams to conduct:

    --  Enhanced Detections: Corelight's network telemetry with Microsoft
        Defender endpoint and vulnerability data provides users with prioritized
        alerts based on environmental risks at the point of observation on the
        network.
    --  Streamlined response and asset inventory: By enriching Corelight logs
        with unique device IDs from Microsoft Defender for Endpoint, SOC teams
        can pivot seamlessly between NDR and EDR telemetry to accelerate
        investigations and streamline incident response.
    --  Expanded visibility: Leveraging Corelight's expansive network telemetry,
        users can now gain enhanced visibility into all devices, including
        unmanaged and unknown endpoints.

"By integrating EDR and vulnerability management data from Microsoft Defender into Corelight's network sensors, analysts are empowered to streamline their investigations with enriched endpoint insights to create a more secure network," said Alon Rosental, general manager, Defender for Endpoint at Microsoft Corp.

Learn more about how Corelight and Microsoft Defender for Endpoint and Defender Vulnerability Management provide enhanced visibility across all environments here.

About Corelight

Corelight transforms network and cloud activity into evidence that security teams use to proactively hunt for threats, accelerate response to incidents, gain complete network visibility and create powerful analytics. Corelight's global customers include Fortune 500 companies, major government agencies, and large universities. Based in San Francisco, Corelight is an open-core security company founded by the creators of Zeek®, the widely-used network security technology. For more information, visit https://corelight.com or follow @corelight_inc.

View original content to download multimedia:https://www.prnewswire.com/news-releases/corelight-enhances-network-visibility-and-detection-coverage-with-insights-from-microsoft-defender-302349806.html

SOURCE Corelight

Email

|

Slashdot

|

Digg

|

Del.icio.us

|

Feeds

RELATED NEWS ARTICLES

QKS Group Positions UKG as the Leader in the 2024 SPARK Matrix(TM) for Global - Multi-Country Payroll (MCP) Platforms | Jan 22, 2025 Shining at CES 2025, TCL Garners Multiple Awards for Display Innovations and Smart Home Solutions | Jan 22, 2025 Identity Theft Resource Center to Release 19th Annual Data Breach Report at Policy Forum During Data Privacy Week 2025 | Jan 22, 2025 Electronic Data Capture Redefined: Challenging the Norm with eSource Innovation, Upcoming Webinar Hosted by Xtalks | Jan 22, 2025 Matt Kimpel is Promoted to CISO of Magna5 | Jan 22, 2025 Imagenet Acquires CODY to Create A Comprehensive Suite of SaaS and Services Solutions for Health Plans | Jan 22, 2025 Fixed Wireless Access Equipment Spend to Exceed $48 B Over the Next Five Years, According to Dell'Oro Group | Jan 22, 2025 El Dorado Airport and Synaptic Aviation Announce Agreement to Enhance Efficiency and Sustainability | Jan 22, 2025 Ideal Power Announces Plans for Upcoming Investor Conferences | Jan 22, 2025 Empowering Farmers Through Innovation: John Deere Expands Self-Repair Solutions, Furthering Farmer Independence | Jan 22, 2025