Corelight

Corelight provides an Open Network Detection and Response (NDR) platform that converts network and cloud activity into security evidence. The company's technology is built on Zeek, an open source network security monitoring platform originally created by co-founder Dr. Vern Paxson over 25 years ago at Lawrence Berkeley National Laboratory. The platform also incorporates insights from Suricata and proprietary technologies for VPN, encrypted traffic collection, and packet capture. Corelight's sensors deploy across virtual, software, cloud, and physical environments to generate detailed logs and metadata about network activity. This evidence enables security teams to conduct threat hunting, investigate cyber incidents, gain network visibility, and perform analytics. The platform includes machine learning capabilities and scalable search functionality to help defenders analyze network traffic patterns and identify malicious activity. The company serves large enterprises and government agencies across more than fifteen countries, with particular adoption in sectors like utilities, healthcare, manufacturing, and government. Corelight continues to serve as the steward of the Zeek open source project while developing commercial products that make the technology more accessible and integrated for enterprise use. The company was incorporated in 2016 by the original Zeek creators and has grown to a Series E-funded organization backed by investors including Accel, Insight Partners, and CrowdStrike.