Corelight Features
What are the features of Corelight?
Analysis
- Network Visibility
Response
Resolution Automation | Diagnose and resolve incidents without the need for human interaction. | Not enough data | |
Resolution Guidance | Guide users through the resolution process and give specific instructions to remedy individual occurrences. | Not enough data | |
System Isolation | Cuts off network connection or temporarily inactivates applications until incidents are remedied. | Not enough data | |
Threat Intelligence | Gathers information related to threats in order to gain further information on remedies. | Not enough data | |
Incident Alerts | Gives alerts when incidents arise. Some responses may be automated, but users will still be informed. | Not enough data | |
Response Orchestration | Integrates additional security tools to automate security and incident response processes. | Not enough data | |
Response Automation | Reduces time spent remedying issues manually. Resolves common network security incidents quickly. | Not enough data |
Records
Incident Logs | Information on each incident is stored in databases for user reference and analytics. | Not enough data | |
Incident Reports | Produces reports detailing trends and vulnerabilities related to their network and infrastructure. | Not enough data | |
Resource Usage | Analyzes recurring incidents and remedies to ensure optimal resource usage. | Not enough data |
Management
Incident Alerts | Gives alerts when incidents arise. Some responses may be automated, but users will still be informed. | Not enough data | |
Database Management | Administrators can access and organize data related to incidents to produce reports or make data more navigable. | Not enough data | |
Workflow Management | Administrators can organize workflows to guide remedies for specific situations and incident types. | Not enough data | |
Performance Baseline | Sets a standard performance baseline by which to compare live network activity. | Not enough data | |
Data Visualization | Charts or graphs live and historical network performance for quick status checking and analysis. | Not enough data | |
Path Analysis | Gives insights into which specific network paths are performing suboptimally. | Not enough data |
Network Management
Activity Monitoring | Documents the actions from endpoints within a network. Alerts users of incidents and abnormal activities and documents the access point. | Not enough data | |
Asset Management | Keeps records of each network asset and its activity. Discovers new assets accessing the network. | Not enough data | |
Log Management | Provides security information and stores the data in a secure repository for reference. | Not enough data |
Incident Management
Event Management | Alerts users of incidents and allows users to intervene manually or triggers an automated response. | Not enough data | |
Automated Response | Reduces time spent remedying issues manually. Resolves common network security incidents quickly. | Not enough data | |
Incident Reporting | Documents cases of abnormal activity and compromised systems. | Not enough data | |
Incident Logs | Information on each incident is stored in databases for user reference and analytics. | Not enough data | |
Incident Alerts | Gives alerts when incidents arise. Some responses may be automated, but users will still be informed. | Not enough data | |
Incident Reporting | Produces reports detailing trends and vulnerabilities related to their network and infrastructure. | Not enough data |
Security Intelligence
Threat Intelligence | Stores information related to common threats and how to resolve them once incidents occur. | Not enough data | |
Vulnerability Assessment | Analyzes your existing network and IT infrastructure to outline access points that can be easily compromised. | Not enough data | |
Advanced Analytics | Allows users to customize analytics with granular metrics that are pertinent to your specific resources. | Not enough data | |
Data Examination | Allows users to search databases and incident logs to gain insights on vulnerabilities and incidents. | Not enough data |
Administration
Risk Scoring | Provides risk scoring for suspicious activity, vulnerabilities, and other threats. | Not enough data | |
Secrets Management | Provides tools for managing authentication credentials such as keys and passwords. | Not enough data | |
Security Auditing | Analyzes data associated with security configurations and infrastructure to provide vulnerability insights and best practices. | Not enough data | |
Configuration Management | Monitors configuration rule sets and policy enforcement measures and documents changes to maintain compliance. | Not enough data | |
Compliance | Supports compliance with PII, GDPR, HIPAA, PCI, and other regulatory standards. | Not enough data | |
Administration Console | Provides a centralized console for administration tasks and unified control. | Not enough data | |
API / integrations | Application Programming Interface - Specification for how the application communicates with other software. APIs typically enable integration of data, logic, objects, etc. with other software applications. | Not enough data | |
Security Automation | Streamline the flow of work processes by establishing triggers and alerts that notify and route information to the appropriate people when their action is required within the compensation process. | Not enough data | |
Security Integration | Integrates additional security tools to automate security and incident response processes. | Not enough data | |
Multicloud Visibility | Allows users to track and control activity across cloud services and providers. | Not enough data |
Monitoring
Continuous Image Assurance | Provides image verification features to establish container approval requirements and continuously monitor for policy violations to identify containers with known vulnerabilities, malware, and other threats. | Not enough data | |
Behavior Monitoring | Constantly monitors activity related to user behavior and compares activity to benchmarked patterns and fraud indicators. | Not enough data | |
Observability | Generate insights across IT systems utilizing event metrics, logging, traces, and metadata. | Not enough data |
Protection
Dynamic Image Scanning | Scans application and image source code for security flaws without executing it in a live environment. | Not enough data | |
Runtime Protection | Monitors container activities and detects threats across containers, networks, and cloud service providers. | Not enough data | |
Workload Protection | Protects compute resources across networks and cloud service providers. Serves as a firewall and prompts additional authentication for suspicious users. | Not enough data | |
Network Segmentation | Allows administrative control over network components, mapping, and segmentation. | Not enough data |
Detection
Intrusion Detection | Detects unauthorized access and use of privileged systems. | Not enough data | |
Security Monitoring | Detects anomalies in functionality, user accessibility, traffic flows, and tampering. | Not enough data | |
Anti-Malware / Malware Detection | Provides multiple techniques and information sources to alert users of malware occurrences. | Not enough data | |
Multi-Network Monitoring | Provides monitoring capabilities for multiple networks at once. | Not enough data | |
Asset Discovery | Detect new assets as they enter a network and add them to asset inventory. | Not enough data | |
Anomaly Detection | Constantly monitors activity related to user behavior and compares activity to benchmarked patterns. | Not enough data |
Functionality
Performance Monitoring | Continuously monitors network performance across the entire span of a network. | Not enough data | |
Alerting | Sends alerts via pop-up notifications, texts, emails, or calls regarding network issues or failures. | Not enough data | |
Improvement Suggestions | Suggests potential remedies or improvements to slowdowns, errors, or failures. | Not enough data | |
Multi-Network Capability | Provides monitoring capabilities for multiple networks at once. | Not enough data | |
Anomaly Detection | Constantly monitors activity related to user behavior and compares activity to benchmarked patterns. | Not enough data | |
Network Visibility | Provides all-encompassing display and analysis of environments, resources, traffic, and activity across networks. | Not enough data | |
Scalability | Provides features to allow scaling for large organizations. | Not enough data | |
Incident Alerts | Gives alerts when incidents arise. Some responses may be automated, but users will still be informed. | Not enough data | |
Continuous Analysis | Constantly monitors traffic and activity. Detects anomalies in functionality, user accessibility, traffic flows, and tampering. | Not enough data | |
Decryption | Facilitates the decryption of files and data stored using cryptographic algorithms. | Not enough data |
Automation
Metadata Management | Indexes metadata descriptions for easier searching and enhanced insights. | Not enough data | |
Artificial Intelligence & Machine Learning | Facilitates Artificial Intelligence (AI) or Machine Learning (ML) to enable data ingestion, performance suggestions, and traffic analysis. | Not enough data | |
Response Automation | Reduces time spent remedying issues manually. Resolves common network security incidents quickly. | Not enough data | |
Continuous Analysis | Constantly monitors traffic and activity. Detects anomalies in functionality, user accessibility, traffic flows, and tampering. | Not enough data |
Analysis
File Analysis | Identifies potentially malicious files and applications by checking them for abnormalities and threats. | Not enough data | |
Memory Analysis | Analyzes information from a computer or other endpoint's memory dump for information removed from hard drive. | Not enough data | |
Registry Analysis | Identifies recently accessed files and applications for abnormalities and threats. | Not enough data | |
Email Analysis | Parses and/or extracts emails and associated content for malware, phishing, and other data that can be used in investigations. | Not enough data | |
Linux Analysis | Allows for parsing and/or extraction of artifacts native to Linux OS including but not limited to system logs, SSH activity, and user accounts. | Not enough data | |
Incident Reporting | Produces reports detailing trends and vulnerabilities related to their network and infrastructure. | Not enough data | |
Network Visibility | As reported in 10 Corelight reviews. Provides all-encompassing display and analysis of environments, resources, traffic, and activity across networks. | 92% (Based on 10 reviews) | |
Metadata Enrichment | Facilitates Artificial Intelligence (AI) such as Machine Learning (ML) to enable data ingestion, performance suggestions, and traffic analysis. | Not enough data | |
Metadata Management | Indexes metadata descriptions for easier searching and enhanced insight. | Not enough data |
Remediation
Incident Reports | Produces reports detailing trends and vulnerabilities related to their network and infrastructure. | Not enough data | |
Remediation Suggestions | Provides relevant and helpful suggestions for vulnerability remediation upon detection. | Not enough data | |
Response Automation | Reduces time spent remedying issues manually. Resolves common network security incidents quickly. | Not enough data |
Activity Monitoring
Usage Monitoring | Tracks infrastructure resource needs and alerts administrators or automatically scales usage to minimize waste. | Not enough data | |
Database Monitoring | Monitors performance and statistics related to memory, caches and connections. | Not enough data | |
API Monitoring | Detects anomalies in functionality, user accessibility, traffic flows, and tampering. | Not enough data | |
Activity Monitoring | Actively monitors status of work stations either on-premise or remote. | Not enough data |
Security
Compliance Monitoring | Monitors data quality and sends alerts based on violations or misuse. | Not enough data | |
Risk Analysis | Identifies potential network security risks, vulnerabilities, and compliance impacts. | Not enough data |
Reporting | Creates reports outlining log activity and relevant metrics. | Not enough data |
Connected Device Security
Vulnerability Assessment | Performs risk and security gap assessments for connected assets. | Not enough data | |
Identity Lifecycle | Assists with authentication and authorization of connected assets. | Not enough data | |
Threat Protection | Provides general protection against device threats, such as firewall and antivirus tools. | Not enough data | |
Behavior Analysis | Monitors device behaviors to identify abnormal events. | Not enough data | |
Incident Response | Responds to suspicious activity related to IoT devices. This may include actions such as threat containment and eradication as well as device recovery. | Not enough data | |
IoT Network Security | Provides security measures for IoT networks and gateways. | Not enough data | |
OTA Updates | Automatically sends over-the-air (OTA) security updates to connected devices. | Not enough data | |
Alerts & Notifications | Sends timely security notifications to users in-app or through email, text message or otherwise. | Not enough data |
Platform
Dashboard | Has a centralized dashboard for users to interact with. | Not enough data | |
Hardware | Integrates with existing IoT hardware. | Not enough data | |
Performance | Is consistently available (uptime) and allows users to complete tasks reliably. | Not enough data | |
Reporting | Provides pre-built or customizable performance reports. | Not enough data |