Corelight Pros and Cons

Being able to enrich data daily as it is ingested and feed that into a log agrigator has been extremly useful. Depoloyments in our environment have also gone smoothly and the price has been fair. Review collected by and hosted on G2.com.

One of the few downsides I have noticed is that we have had to write some corelight modules ourselves to properly sort and ingest data. Review collected by and hosted on G2.com.

My most helpful about corelight is network detection and analyze. Review collected by and hosted on G2.com.

I would like more UI experience and improve it I would say. Review collected by and hosted on G2.com.

Really good detection of threats and detailed informs, as a simple user this is super insightful Review collected by and hosted on G2.com.

I would like the detection of threat be faster but i know there are some process to accomplish before i could reicive the results. Review collected by and hosted on G2.com.

1) Clean Website UI

2)Services provided

3) It seems very easy to use the services Review collected by and hosted on G2.com.

Not much popularity

To much techinal features in the website that would be overwhelming for someone who is not involved in the field Review collected by and hosted on G2.com.

The support and periodic review with the team assigned to you are excellent. The product (sensor AP along with add-ons such as Suricata and machine-based learning that provide insights within the Crowdstrike (Humio) platform are excellent. The base platform is like Zeek on steriods. If needed,pro-active support even lets you know the hardware may be failing and an RMAs you an identical substitute. The device logs to Humio, syslog, etc. simultaneously

The command line control of the device is excellent, and so is fleet management for a series of APs. There is also an annual Zeek conference in which new insights and roadmaps are presented by Corelight Review collected by and hosted on G2.com.

Nothing - the sensors work perfectly and dashboard summaries are very good. If one wants, one can always simply query the data manually. There is constant improvement with the release of updates and integrations with other vendor products. Corelight support is always helpful no matter what I throw at them - ranging from technical questions down to annual quotes to renew licenses. I simply cannot find anything to dislike Review collected by and hosted on G2.com.

Great place for your cybersecurity needs! Review collected by and hosted on G2.com.

Partnered with crowstrike and the uncertainty with those two combined. Review collected by and hosted on G2.com.

Very easy to deploy. The hardware sensors and pre-made VM images make deployment as an MSSP very easy as we can just hand this stuff to the customer and give them the key to our Fleet Manager and manage the rest on our side.

Fleet Manager in particular is really good for managing disparate configurations and one-offs across multiple customers. Review collected by and hosted on G2.com.

I'd say Fleet Manager not having the ability to facilitate the particular MSSP scenario where the MSSP owns Fleet Manager and has a variety of customers in one instance, but the customer wants access to Fleet Manager for reporting or perhaps editing configurations. Because we can't silo customers in like a "site" fashion to prevent them from seeing other customer's data, it's a scenario we can't do right now. Review collected by and hosted on G2.com.

Corelight helps you to find any bad things happening like sneaky viruses or hackers trying to get in and having a detective tool for our Network. So, that we can process Everything safe and run smoothly Review collected by and hosted on G2.com.

The potential downsides of Corelight is that it can be complex to setup and manage and it might require specialized knowledge to use effectively and it needs to be improved for better usages. Review collected by and hosted on G2.com.

Corelight appliances do one thing and do it well: process your network traffic through analysis engines. Corelight support staff know what they're doing, reply promptly, and resolve most issues within two emails. Review collected by and hosted on G2.com.

We've seen Corelight grow quite a bit since we first became a customer. I worry they might one day adopt Cisco's strategy of adding unnecessary features in the pursuit of achieving vendor lock-in. Doing would degrade the user experience and price out customers who can't afford a one-stop-shop security solution. Review collected by and hosted on G2.com.

If your SOC needs better visibility, in particular in a way that will integrate with any of the other tools in your security stack, Corelight is the way to do it. In 15 minutes you can turn a network tap into rich metadata about every packet that's crossed that wire, in an open source format that works with any SIEM, schema, or other setup that might be valuable to you. Their Suricata integration is also the best IDS setup on the modern market, and their customer support is second to none. You'll be glad to work with Corelight, both the tech and the people! Review collected by and hosted on G2.com.

Corelight is best suited for larger organizations. The cost to ingest data into SIEMs whose pricing model runs on ingest can be high, and less advanced SOCs will have a learning curve using the tool. Review collected by and hosted on G2.com.