Cisco-backed startup Corelight raises $150M to expand network security services – Network World


“Today, Zeek is considered the gold standard for network security monitoring and network traffic analysis. It’s used by thousands of large organizations, from U.S. government agencies such as the U.S. Department of Energy to research universities like Indiana University, Ohio State, and Stanford,” Parthasarathi wrote.

Zeek is part of Corelight’s open network detection and response (NDR) platform, which is aimed at helping enterprises bolster cybersecurity attack detection coverage, speed incident response, and offer overall network visibility, Parthasarathi stated.  

The architecture also utilizes another open source package – Suricata – to further its network analysis and threat detection abilities.

The information gathered from systems such as Zeek, which for more than 25 years has been evolving and building its security data set, makes the large language models (LLMs) that are behind Corelight’s AI technology invaluable.

Corelight’s LLM strategy is twofold, Parthasarathi stated. “On one hand, it provides out-of-the-box support for an abundance of practical LLM use cases that are natively available in products such as Investigator – a SaaS version of Corelight’s platform. These include using LLMs to translate alerts into English, give stock investigation guidance, and so on,” Parthasarathi wrote. “More importantly, the company is jointly supporting the development of multiple security-centric LLMs in an effort to drive compatibility across the ecosystem so that customers and partners have choice and flexibility in their still-evolving LLM strategies.”

There are three main opportunities for Corelight and Cisco in particular, according to Brian Dye, CEO of Corelight. “First is their shared focus around hybrid multi-cloud security; second is a big opportunity to extend and amplify Cisco’s portfolio of distributed security architectures; and third is the opportunity to use Corelight’s data as an accelerator for all security operations within Splunk,” Dye stated. 
