Sold by: Corelight, Inc.Â
Deployed on AWS
Vendor Insights
Gain complete visibility of your AWS network. Corelight Cloud Sensor transforms AWS traffic into security-centric evidence to drive cloud threat detection and accelerate incident response. At Corelight, we provide uniformity in datasets across the network - enabling defenders with a clear understanding of what is happening across their cloud, multi-cloud, and hybrid environments in real time.
Overview
Designed specifically for security needs, Corelight Cloud Sensor delivers high-fidelity data for threat detection and incident response in AWS. Detect and respond to threats targeting AWS workloads that other tools miss.
Corelight's Cloud Security Solutions provide deep visibility into cloud activity by transforming cloud and container traffic into the security-centric evidence that SOC teams need to accelerate incident response and unlock new threat hunting capabilities. We provide uniformity in dataset across the network - enabling elite defenders with a clear understanding of what is happening across their cloud, multi-cloud, and hybrid environments in real time.
For custom pricing or a private contract, please contact orders@corelight.com , for a private offer.
Highlights
- Accelerate investigations with interlinked logs enriched with cloud and container control plane attribution
- Advanced analytics provide deep insights into encrypted traffic and detection of C2 behavior, data exfiltration, and more
- Our comprehensive coverage provides signature and behavioral detections for network detection and response
Details
Sold by
Delivery method
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Security credentials achieved
(1)
GDPR
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Cloud Sensor for AWS | Standard Zeek Subscription for 1 Gbps -1 year | $7,370.00 |
Vendor refund policy
We do not provide refunds.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
As a Corelight customer you'll receive: Support from experienced technical support engineers Remote diagnostics and maintenance solutions Easy and rapid issue escalation as needed 24x7 service for customers who require it Visibility into software/device health through Corelight Dynamic Health Check Email: support@corelight.com Phone Number: (888) 547-9497
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Mira Security Encrypted Traffic Orchestrator (2.5Gbps)
By Mira Security
Mira Encrypted Traffic Orchestration (ETO) software provides safe and secure visibility into encrypted traffic allowing the tools used by enterprise security teams to function effectively, even when all the important traffic is encrypted.
Mira Security Encrypted Traffic Orchestrator (500Mbps)
By Mira Security
Mira Encrypted Traffic Orchestration (ETO) software provides safe and secure visibility into encrypted traffic allowing the tools used by enterprise security teams to function effectively, even when all the important traffic is encrypted.
Mira Security Encrypted Traffic Orchestrator (BYOL)
By Mira Security
Mira Encrypted Traffic Orchestration (ETO) software provides safe and secure visibility into encrypted traffic allowing the tools used by enterprise security teams to function effectively, even when all the important traffic is encrypted.
Mira Security Encrypted Traffic Orchestrator (1Gbps)
By Mira Security
Mira Encrypted Traffic Orchestration (ETO) software provides safe and secure visibility into encrypted traffic allowing the tools used by enterprise security teams to function effectively, even when all the important traffic is encrypted.
Customer reviews
0 ratings
0 AWS reviews
|
2 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
HamadaElewa
An expensive solution to monitor internet traffic with multiple dashboards
Reviewed on Feb 13, 2024
Review provided by PeerSpot
What is our primary use case?
We use the solution to monitor Internet traffic, the data center, and LAN traffic.
How has it helped my organization?
The huge library especially the open source link, makes it the main engine for Corelight with some enhancements in the commercial version. It has a very powerful level, such as signature-based attacks or behavioral attacks, with enhancements in the design. It is very flexible for intelligent implementations like IPs, especially between big companies and banks.
Corelight is easy to understand and monitor what is going on behind the team.
The solution is already integrated with other systems like Suricata, Elastic, and Microsoft tools. It's very easy to integrate signature-based or behavior-based engines. You can use Elastic for the dashboards to get it from Corelight, along with all the benefits and expandability.
What is most valuable?
The tool helps us track the traffic easily. Additionally, the soft analysis is very easy to learn due to the simplicity of the engine. It can integrate with multiple threat and intelligence feeds. This empowers the solution more than its powerful. It's also easy to create additional dashboards specific to supporting specific tasks.
What needs improvement?
The solution’s architecture is complex and difficult to understand. There's multiple machines and VMs. It’s size will increase the pricing to reflect the design. The solution should make it to one single platform with all the features.
For how long have I used the solution?
I have been using Corelight as a distributor for one and a half years.
What do I think about the stability of the solution?
The product is very stable.
What do I think about the scalability of the solution?
The solution is very scalable. More than 12 users are using this solution in the middle east. Corelight is easy to expand, especially in Kubernetes. Just add the new machine, and it will work with the existing ones.
How are customer service and support?
There is a strong community behind Corelight. You may need support due to stability from the team in very specific cases.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is not straightforward. You need expertise for it. I rate the solution’s documentation a six out of ten.
Deployment depends on the MVP, the amount and the capacity of the environment. If it's a huge customer, you will face big problem, and it will not be easy to implement. You will have multiple integrations, multiple positions to position the sensors. It will be easier to pick for the smaller customers or networks. Deployment can take be two weeks to three months to complete.
I rate the initial setup a five out of ten, where one is difficult, and ten is easy.
What's my experience with pricing, setup cost, and licensing?
The solution is too expensive compared to others. If you have the technical knowledge, it's good. Corelight is a very big gap between you and others if you’re new.
What other advice do I have?
Overall, I rate the solution a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Dan Jeske
An open-source solution that gave us insight into our clients' network traffic flow
Reviewed on Aug 18, 2023
Review provided by PeerSpot
What is our primary use case?
We use the solution for packet capture sampling. We offer it as part of our managed service. It's so we can identify east-west traffic on a customer's network.
What is most valuable?
Corelight is low-cost and made on open-source, and the code is Zeek. It's an easy way for us to get visibility in a client's environment.
What needs improvement?
Corelight hasn’t added features in a long time.
For how long have I used the solution?
I have five years of experience with the solution.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
The solution is very scalable.
How was the initial setup?
The initial setup was straightforward. When deploying Corelight, the customer just needs to put the solution on a VM. The only maintenance required is the maintenance of the license.
What was our ROI?
We immediately realized the solution’s ROI. Its visibility into east-west traffic, being able to sample capture, gives a sense of traffic flow. Moreover, it's inexpensive.
What's my experience with pricing, setup cost, and licensing?
The product is open-source.
What other advice do I have?
I rate the solution an eight out of ten.