Top Alternatives to Corelight Software Sensor

Network Security

Software-based NDR sensor for network visibility in hybrid & multi-cloud envs

209 Alternatives to Corelight Software Sensor

Arkime is an open-source network capture and analysis tool that provides comprehensive network visibility, facilitating swift identification and resolution of security and network issues.

Tcpdump is a command-line packet analyzer for capturing and analyzing network traffic.

A cross-platform network detection tool that identifies active Responder tools by sending LLMNR queries for fabricated hostnames.

A Zeek-based protocol analyzer that parses GQUIC traffic to extract connection metadata and create fingerprints for detecting anomalous network behavior.

NDR solution providing network visibility, threat detection, and intrusion prevention

Open source network security monitoring tool for traffic analysis

NDR platform for IT/OT environments with threat detection and CTI

Network detection and response platform for threat detection and analysis

NDR platform with NGIPS, NetFlow/sFlow analysis, SIEM, and correlation engine

NDR solution with threat intelligence, PCAP analysis, and SOC services

A network detection and response solution that uses AI and machine learning to monitor network traffic, identify malicious behavior, and connect related security events to reveal attack patterns without requiring endpoint agents.

SOCRadar DNS Monitoring provides real-time monitoring of DNS infrastructure with automated discovery, record change alerts, and detection of DNS-based security threats.

Cloud-native managed DNS service

Network appliance detecting advanced threats via sandboxing & traffic analysis

Network detection and response system for threat detection and analysis

Cloud-native NDR with AI-based threat detection for SMBs

NDR platform for threat detection and response via network traffic monitoring

Digital experience monitoring for network, device, and app performance

AI-powered network detection and response platform for threat detection

Flow-based network traffic monitoring and bandwidth analysis tool

AI-driven threat detection platform identifying malicious behaviors across networks

AI-powered NDR platform for threat detection across network, identity, and cloud

AI-powered network threat detection across hybrid environments

Network traffic broker for visibility, monitoring, and traffic optimization

AI-powered NDR platform with UEBA for threat detection and network visibility

AI-driven NDR platform enabling real-time threat intelligence sharing across orgs

Network detection and response platform for threat detection and visibility

NDR solution that blocks malicious traffic before alerts are generated

Network traffic analysis tool for real-time intrusion detection and monitoring

NDR solution monitoring North-South & East-West traffic with 24/7 SOC analysis

SIEM-integrated NDR platform for network traffic monitoring and threat detection

NDR platform for detecting threats via network analytics and traffic analysis.

Service that identifies network blind spots and unmanaged nodes.

Network Detection and Response platform for threat detection and investigation

Network TAP devices for transparent traffic duplication and monitoring

Network traffic monitoring solution with real-time analysis and visibility

Qualified NDR system for threat detection with behavioral analysis

Qualified network TAPs for traffic duplication and network monitoring

NDR platform for IT/OT threat detection with behavioral analysis

Network Detection and Response system for threat detection and response

Open source Suricata-based NDR system with threat detection and analysis

Network detection and response platform with AI-powered threat detection

Network detection and response platform with threat intel fusion and automation

Real-time network security monitoring for threat detection using DPI and sandbox

AI-powered network security platform with NDR, domain filtering, and 24x7 SOC

On-premise network threat detection & blocking powered by threat intelligence

Transforms NAT gateways into security sensors for cross-cloud egress visibility

DNS-layer security solution for threat detection and policy enforcement

AI-powered NDR for network threat detection and malware defense

SaaS-based NDR platform for threat investigation and Tier 1 workflows

Network detection and response platform with IDS, NSM, and threat intel.

Network detection and response platform with AI-powered threat detection

AI-powered NDR platform with ML threat detection and GenAI SOC workflows

Transforms raw flow logs into enriched Zeek logs for threat detection.

Cloud-based NDR sensors for AWS, GCP, and Azure network traffic analysis

Network sensor appliance for traffic monitoring using Zeek and Suricata

NDR platform providing MITRE ATT&CK coverage via Zeek network telemetry

Network security monitoring platform that transforms traffic into transaction logs

Detects command and control activity including C2 toolkits and tunneling.

Network asset discovery and inventory tracking for entity profiling

Selective packet capture linked to Zeek logs for investigation workflows

Analytics collection for Zeek-based NDR with threat detection & data controls

Analyzes encrypted network traffic without decryption for threat detection.

Virtual network sensors for Hyper-V and VMware that parse traffic into NDR data

Behavior-based network threat detection at line speeds with live analysis

Real-time network detection with post-compromise forensics capabilities

AI-powered network security solution for SMBs with sensor device and MSP portal

Embedded DPI & threat detection SDK for traffic classification & analysis

Unified NDR, NPM, and IDS platform with packet-level network visibility

NDR solution that analyzes network traffic to detect threats and risks.

Continuous full packet capture and forensics for network investigations

Agentless network visibility platform for security posture management

TLS/SSL decryption for network traffic visibility and security analysis

Network monitoring platform with Zeek integration for traffic analysis

NDR platform with DPI for network visibility, threat detection, and investigation

Network packet capture & forensic analysis platform with AI-driven analytics

Network packet capture & forensics platform with multi-Tbps capabilities

Network performance monitoring tool with full packet capture and DPI (L2-L7)

Centralized network monitoring platform for multi-site visibility and analysis

Flow-based network monitoring platform for performance and security visibility

Network visibility and security insights platform for IT environments

Cloud-based endpoint & network monitoring for remote/hybrid workforce troubleshooting

Handheld network vulnerability scanner for wired and WiFi edge networks

Handheld Wi-Fi 6/7 vulnerability scanner for wireless network security testing

Cloud platform for network analysis, monitoring, and vulnerability reporting

Network & app performance monitoring platform with end-to-end visibility

DNS-layer network visibility and monitoring with query logging and analytics

TLS decryption solution that extracts session keys from memory for traffic inspection

AI-driven NDR for identifying and responding to network threats

AI-powered NDR solution with behavioral analysis and managed SOC services

Network traffic analysis tool for firewall log monitoring and security

AI-driven NDR platform for multi-cloud threat detection and response

Centralized mgmt platform for deploying & monitoring up to 100 ETO appliances

TLS/SSL/SSH decryption for AWS cloud traffic visibility and security tools

Encrypted Traffic Orchestrator (ETO) for network visibility & decryption

Virtual appliance for TLS decryption to enable security tool visibility

Network abuse management platform for ISPs to automate abuse case handling.

CSP-delivered home network security for IoT and connected devices.

AI-based network threat detection using unsupervised machine learning.

AI-powered network cybersecurity platform for telcos to protect subscribers.

Managed NDR with packet inspection, threat intel, IDS, and deception for edge devices.

AI-driven network monitoring & threat detection platform for SMBs.

Passive network perimeter appliance for detecting known & unknown attacks.

PCAP-based network traffic analysis service for threat detection.

Invitation-based NSM program for MSPs using dedicated network listening stations.

Evolutionary AI-based network anomaly detector that adapts to sophisticated attacks.

Network packet broker that aggregates & distributes traffic to security tools.

Modular network observability platform for packet brokering, capture & analytics.

AI-powered network observability that converts packet data into insights.

Lossless packet capture & analysis appliance at 10–200 Gbps line rate.

Network data visualization & admin console for hybrid-cloud observability.

Agentless multi-cloud packet mirroring, capture, and network analytics platform.

Packet broker, capture & observability suite for hybrid network security.

Packet-based network observability platform for hybrid environments.

AI/ML tool that distills packet metadata into actionable NetOps/SecOps insights.

Polish NDR appliance for network threat detection, forensics & GDPR compliance.

Network traffic analysis platform measuring app-specific Quality of Outcome for NSPs.

Passive network intelligence platform for gov/defense with real-time visibility.

CDN-integrated edge platform for real-time cyberfraud detection and prevention.

AI-powered DNS log analysis platform for threat detection & response.

AI-based DNS security platform blocking tunneling, malware, and zero-days.

AI-powered DNS detection & response platform integrating DNSEye, DNSDome & Cyber X-Ray.

AI-native NDR for cloud, edge, and hybrid network threat detection.

Cloud-based portal for near-real-time DDI telemetry, analytics & monitoring.

Network flow analysis platform for threat detection and Shadow IT discovery.

Network flow & SNMP collector with analytics for traffic visibility.

Security-hardened Linux OS for managing Endace network appliances.

High-performance unsampled NetFlow generator for network visibility.

NetFlow/IPFIX traffic analyzer for network visibility and anomaly detection.

Network digital twin platform for visibility, security & ops assurance.

Platform providing contextualized network data insights for security and ops teams.

Modular 1U/2U copper network TAPs for out-of-band monitoring in data centers.

Hardware network TAPs for 1G copper link monitoring & troubleshooting.

Hardware appliance that removes duplicate packets from network traffic up to 40G.

Portable SFP/SFP+ network TAPs for passive traffic monitoring in IT/OT envs.

Hardware NPB suite for network traffic visibility, aggregation & filtering.

Hardware network TAPs, packet brokers, bypass, and data diodes for visibility.

Software-based virtual TAP that mirrors & forwards VM network traffic.

Hardware aggregators combining TAP/SPAN traffic copies for network monitoring tools.

Inline bypass TAPs and packet brokers for network continuity and traffic visibility.

Hardware devices that replicate TAP/SPAN network traffic to multiple tools.

Big data network traffic analytics platform for carrier-grade environments.

Enriches IP flow data with OTT service, CDN, and subscriber identity context.

Flow load balancer for distributing & filtering NetFlow records to collectors.

AI-driven platform that detects, isolates, and contains network threats in seconds.

Network hop-limiting platform that reduces attack surface for MSSPs.

Network observability platform for hybrid and multi-cloud traffic monitoring.

End-to-end SD-WAN monitoring with underlay/overlay visibility.

SaaS NMS with SNMP, streaming telemetry, and AI-assisted troubleshooting.

Windows-based network protocol analyzer for deep packet capture and analysis.

Scalable network monitoring platform for MSPs via tiered VaaS model.

NPM solution for on-prem, SD-WAN, cloud & hybrid network visibility.

Network monitoring & WAN management platform with QoS and DPI for gov orgs.

Network internet usage & security alerting with DPI-based misuse detection.

Internet & WAN mgmt toolkit for app monitoring, QoS, and access control.

100G Network Packet Broker for SOC/NOC traffic visibility & tool optimization.

Advanced NPB traffic intelligence platform with packet acceleration for NetOps/SecOps.

Hardware device that passively copies network traffic for out-of-band monitoring.

Hardware network TAP providing passive traffic copy for monitoring & security tools.

Network visibility platform with packet brokers, TAPs, and bypass switches.

L7 packet acceleration module for network packet brokers with traffic processing.

Virtualized cloud packet broker for hybrid cloud network visibility.

Virtual hosting platform for 3rd-party apps on network visibility infra.

Windows tool for scanning, monitoring & auditing BT network security.

Windows tool that monitors Internet bandwidth usage and active connections.

Windows utility for searching and locating files across LAN/corporate networks.

Network traffic analyzer that monitors bandwidth usage and active connections.

Enterprise network monitoring via deep packet inspection & traffic classification.

z/OS mainframe TCP/IP network monitoring with real-time browser-based visibility.

Agentless residential network security covering IoT, phishing, malware & DDoS.

Network device & service visibility platform for ISPs using device fingerprinting.

AI-powered NDR platform for IT/OT threat detection across encrypted traffic.

GenAI-powered NDR alert management with real-time anomaly detection.

Deep learning-based encrypted traffic classification up to 25 Gbps w/o decryption.

Flow-based network security monitoring tool using anomaly detection.

Preemptive threat blocking platform using IP segmentation and DNS security.

AI-driven network security platform for distributed IT/IoT environments.

AI-driven NDR platform providing continuous network visibility and IR.

Network defense platform with real-time content inspection & threat blocking

A toolset for collecting and processing NetFlow/IPFIX and sFlow data from NetFlow/sFlow-compatible devices.

A TCP-based traceroute implementation that bypasses firewall filters to trace the path to a destination.

An open source packet capture and forwarding tool that captures network packets on one machine and sends them to another for remote monitoring and analysis.

Open source framework for network traffic analysis with advanced features.

Apache Spot is an open source big data platform that analyzes network flows and packet data to identify security threats and provide visibility into enterprise computing environments.

A service for better visibility on networking issues in Kubernetes clusters by detecting traffic denied by iptables.

A multi-threaded tool for sniffing HTTP header records with support for offline and live sniffing, TCP flow statistics, and JSON output.

A tool for classifying packets into flows based on 4-tuple without additional processing.

A package for capturing and analyzing network flow data and intraflow data.

Network metadata capture and analysis tool

Accurate detection of HTTPS interception and robust TLS fingerprinting tool.

PCAPdroid is a privacy-friendly app for tracking, analyzing, and blocking network connections on your device.

Passive Network Audit Framework (PNAF) v0.1.2 provides passive network auditing capabilities and is now a project of COSMIC-Chapter of The Honeynet Project.

A controller addon that provides additional security defenses for onion services ahead of official Tor-core release.

A set of Bro/Zeek scripts that detect ATT&CK-based adversarial activity and raise notices

NFStream is a multiplatform Python framework for network flow data analysis with a focus on speed and flexibility.

Django-based web application for network traffic analysis with protocol handling capabilities.

PFQ v6.2 is a functional framework for Linux optimized for efficient packet capture/transmission and in-kernel processing.

A KDE Plasma 4 widget that displays real-time traffic information for active network connections on Linux computers.

Maltrail is a malicious traffic detection system utilizing blacklists and heuristic mechanisms.

Zeek Remote desktop fingerprinting script for fingerprinting Remote Desktop clients.

A specialized packet sniffer for displaying and logging HTTP traffic, designed to capture, parse, and log traffic for later analysis.

A network protocol analyzer for capturing and analyzing network traffic with a focus on TCP/IP flow reconstruction and response time tracking.

Passive sniffer tool for analyzing traffic patterns.

High-speed packet capture library with user-level network socket.

High-performance packet capture library with zero copy functionality.

Makes output from the tcpdump program easier to read and parse.

A technique to associate applications with TLS parameters for identifying malware and vulnerable applications.

AI-driven NDR platform detecting threats across network, identity, and cloud

Network monitoring and detection solution for threat analysis