Corelight Cuts SIEM Ingest By Up to 80% without Impacting Security Fidelity
Wednesday, February 26, 2025
New data aggregation capability delivers needed storage cost savings and accelerates threat hunting and forensic investigations
SAN FRANCISCO, Feb. 18, 2025 /PRNewswire/ -- Corelight, the fastest growing provider of network detection and response (NDR) solutions, today announced a new capability to summarize network logs while retaining critical security insights. By introducing data aggregation for all Corelight sensors, customers have the ability to condense the volume of network data sent to security information and event management (SIEM) systems, accelerate threat hunting, and strengthen their overall security coverage.
Security operations center (SOC) teams are inundated with data, often spending a third of their workday (32%) investigating incidents that are not a real threat.((1)) Managing this sheer volume of logs also places a heavy financial burden on organizations due to high storage, processing and analysis costs.
"Corelight is committed to providing the most concise and actionable data for analysts without sacrificing the quality," said Vijit Nair, vice president of product, Corelight. "This new aggregation capability condenses and prioritizes data before it reaches the SIEM, ensuring that only what is actionable and relevant is stored and ingested. This drastically decreases the amount of data sent to the SIEM, driving a more cost-effective approach to storing the data an organization needs."
Because of the storage costs involved, most customers don't have the ability to send an unlimited amount of data to their SIEM. Forrester recently reported that reducing SIEM ingestion costs is one of the top inquiries analysts receive from clients.((2)) Reducing the volume of data to review improves threat detection accuracy for security analysts, resulting in faster investigation times and more efficient resource allocation.
With this new offering, Corelight's Open NDR platform becomes the only NDR solution to provide data aggregation capabilities that reduce SIEM costs without impacting time intervals or granularity and without sacrificing log integrity.
Key features of the capability include:
-- Operational efficiency: Enables cost-efficient log management with minimal impact on workflows, allowing SOC teams to focus on critical alerts and improving incident response times.
-- Security visibility: Maintains key insights for incident response and detection, which is essential for identifying patterns and determining the impact of persistent threats over time.
-- Flexible integration: Eliminates the need for additional pipeline tools and works seamlessly with existing SIEMs.
Customers now have the ability to reduce data volumes between 40% and 80% across the six most common log types - conn, dns, http, ssl, files and weird. Data aggregation can also reduce the time it takes to run a query by as much as 70%, which can boost detection accuracy. Additionally, by reducing data volume, customers can extend retention periods by up to 500%, enabling deeper forensic analysis and retroactive threat hunting for newly discovered indicators over a much longer timeframe.
To learn more about Corelight's data aggregation capabilities, please visit: https://corelight.com/blog/reduce-network-log-volume-with-data-aggregation.
About Corelight
Corelight transforms network and cloud activity into evidence that security teams use to proactively hunt for threats, accelerate response to incidents, gain complete network visibility and create powerful analytics. Corelight's global customers include Fortune 500 companies, major government agencies, and large universities. Based in San Francisco, Corelight is an open-core security company founded by the creators of Zeek®, the widely-used network security technology. For more information, visit https://corelight.com or follow @corelight_inc.
((1)) IBM: Global Security Operations Center Study Results
((2)) Forrester: If You're Not Using Data Pipeline Management For Security And IT, You Need To
View original content to download multimedia: https://www.prnewswire.com/news-releases/corelight-cuts-siem-ingest-by-up-to-80-without-impacting-security-fidelity-302378997.html
SOURCE Corelight