We use the solution to monitor Internet traffic, the data center, and LAN traffic.
Reviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
23 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Corelight the Threat Hunters
What do you like best about the product?
Great network telemetry. Corelight does a great job with presenting security network events in a digestible manner. The integration with CrowdStrike provides excellent correlating network events, and the built in parsers helps make view the network events easy to read.
What do you dislike about the product?
It's a bit complex so really not suitable for a novice security analyst. Plus some of the online training is really high level, so you need to schedule personalized training which can be costly.
What problems is the product solving and how is that benefiting you?
Corelight is providing network security insights.
We use Corelight sensors in our environment to monitor and alert based off of traffic.
What do you like best about the product?
Being able to enrich data daily as it is ingested and feed that into a log agrigator has been extremly useful. Depoloyments in our environment have also gone smoothly and the price has been fair.
What do you dislike about the product?
One of the few downsides I have noticed is that we have had to write some corelight modules ourselves to properly sort and ingest data.
What problems is the product solving and how is that benefiting you?
Corelight allows us to monitor our internal traffic and alert off of supicious traffic. Without this we would be largely blind in our internal environment to what traffic is going where in any kind of meaningful way.
Great Threat hunting choice
What do you like best about the product?
Really good detection of threats and detailed informs, as a simple user this is super insightful
What do you dislike about the product?
I would like the detection of threat be faster but i know there are some process to accomplish before i could reicive the results.
What problems is the product solving and how is that benefiting you?
Give me an interface with almost everything that i need to do much easier to detect anomalies
Pretty straight forward
What do you like best about the product?
Great place for your cybersecurity needs!
What do you dislike about the product?
Partnered with crowstrike and the uncertainty with those two combined.
What problems is the product solving and how is that benefiting you?
Their system is very great detection system
I loved it
What do you like best about the product?
My most helpful about corelight is network detection and analyze.
What do you dislike about the product?
I would like more UI experience and improve it I would say.
What problems is the product solving and how is that benefiting you?
Business problems corelight is solving and thats directly benifiting company on major finance and in aws marketplace, Incident response.
Review for corelight
What do you like best about the product?
1) Clean Website UI
2)Services provided
3) It seems very easy to use the services
2)Services provided
3) It seems very easy to use the services
What do you dislike about the product?
Not much popularity
To much techinal features in the website that would be overwhelming for someone who is not involved in the field
To much techinal features in the website that would be overwhelming for someone who is not involved in the field
What problems is the product solving and how is that benefiting you?
It helps me to easliy track and monitor my AWS resources
An expensive solution to monitor internet traffic with multiple dashboards
What is our primary use case?
How has it helped my organization?
The huge library especially the open source link, makes it the main engine for Corelight with some enhancements in the commercial version. It has a very powerful level, such as signature-based attacks or behavioral attacks, with enhancements in the design. It is very flexible for intelligent implementations like IPs, especially between big companies and banks.
Corelight is easy to understand and monitor what is going on behind the team.
The solution is already integrated with other systems like Suricata, Elastic, and Microsoft tools. It's very easy to integrate signature-based or behavior-based engines. You can use Elastic for the dashboards to get it from Corelight, along with all the benefits and expandability.
What is most valuable?
The tool helps us track the traffic easily. Additionally, the soft analysis is very easy to learn due to the simplicity of the engine. It can integrate with multiple threat and intelligence feeds. This empowers the solution more than its powerful. It's also easy to create additional dashboards specific to supporting specific tasks.
What needs improvement?
The solution’s architecture is complex and difficult to understand. There's multiple machines and VMs. It’s size will increase the pricing to reflect the design. The solution should make it to one single platform with all the features.
For how long have I used the solution?
I have been using Corelight as a distributor for one and a half years.
What do I think about the stability of the solution?
The product is very stable.
What do I think about the scalability of the solution?
The solution is very scalable. More than 12 users are using this solution in the middle east. Corelight is easy to expand, especially in Kubernetes. Just add the new machine, and it will work with the existing ones.
How are customer service and support?
There is a strong community behind Corelight. You may need support due to stability from the team in very specific cases.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is not straightforward. You need expertise for it. I rate the solution’s documentation a six out of ten.
Deployment depends on the MVP, the amount and the capacity of the environment. If it's a huge customer, you will face big problem, and it will not be easy to implement. You will have multiple integrations, multiple positions to position the sensors. It will be easier to pick for the smaller customers or networks. Deployment can take be two weeks to three months to complete.
I rate the initial setup a five out of ten, where one is difficult, and ten is easy.
What's my experience with pricing, setup cost, and licensing?
The solution is too expensive compared to others. If you have the technical knowledge, it's good. Corelight is a very big gap between you and others if you’re new.
What other advice do I have?
Overall, I rate the solution a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Best NDR solution Guardians of Network
What do you like best about the product?
The interface and ease of accessibility and customer support for technical troubleshooting is Awesome
What do you dislike about the product?
nothing to dislike as of now since i am still using and getting used to to the new feature
What problems is the product solving and how is that benefiting you?
We are getting the evidence for the networdk related threat
Corelight
What do you like best about the product?
It gives many advances to the soc like , visibility of devices, check each packet of network with every detail. Works as an open source with SIEM. Has a great features as an IDS. Friendly UI.
What do you dislike about the product?
Many features could be added other than that nothing else .
What problems is the product solving and how is that benefiting you?
Helping organisation with lot of security features to protect devices and monitoring threats.
"Unveiling Network Threats"core
What do you like best about the product?
Corelight helps you to find any bad things happening like sneaky viruses or hackers trying to get in and having a detective tool for our Network. So, that we can process Everything safe and run smoothly
What do you dislike about the product?
The potential downsides of Corelight is that it can be complex to setup and manage and it might require specialized knowledge to use effectively and it needs to be improved for better usages.
What problems is the product solving and how is that benefiting you?
Corelight helps find bad things happening on computer networks.It watches the network traffic and tells us if there are any suspicious activities. With this we can secure the systems safe and secure.
showing 1 - 10