Find ATT&CKs with Corelight.

Corelight helps you see network evidence to uncover a wide range of adversary tactics, techniques, and procedures (TTPs) within the MITRE ATT&CK™ Framework.


Corelight Mitre hero tool

Case Studies

Faster response times. Powerful threat hunting capabilities.

Zeek / Bro is used by thousands of organizations around the world to extract meaningful data from network traffic in real time. Here are a few examples of real world implementations.

Case Study

Education First resolves incidents up to 20x faster

Education First is a global firm with 40,000 employees. After deploying Corelight Sensors, their security team saw incredible impact. Their average incident response time dropped from hours to minutes thanks to Corelight’s network logs that allowed them to make lightning-fast sense of their traffic.

Download the case study

Case Study

Global law firm unlocks threat hunting capabilities

The law firm wanted a threat hunting solution based on network traffic analysis to provide real-time, comprehensive insight into traffic spanning multiple data centers and satellite offices around the world that collectively saw throughput speeds of up to 6 Gbps.

Download the case study

Case Study

Top-tier research university builds custom detection scripts

A top research university's network footprint spans multiple campuses, with average utilization exceeding 35 Gbps. They wanted to build more custom detection scripts, but their netflow records and server and firewall logs did not offer rich enough data to accomplish this. Corelight's Zeek logs did.

Download the case study

Case Study

How Corelight Cured An Energy Company's SOC of a Serious SMB Headache.

A Security Engineer at one of the world's largest energy companies found Corelight through his prior experience running Bro (now Zeek), an open-source network security monitoring framework. The Security Engineer worked on an agile security engineering team within the organization's Security Operations Center (SOC) and managed network forensics across multiple regional offices.

Download the case study