Critical Path Security Léargas Platform

The Critical Path Security Léargas Platform is a network traffic analysis and intrusion detection system built on Zeek (formerly Bro). It is designed for enterprise deployments and is available in multiple form factors including 1U or 2U physical appliances, VMware OVA virtual appliances, and cloud deployments on AWS and GCP. The platform performs deep inspection of network traffic, capturing rich network metadata across all protocol events in a multi-contextual and multi-dimensional manner. It supports file extraction for additional analysis and provides application-layer insights. Data enrichment is handled on-box, accepting open-source Zeek scripts for analytical customization. The platform integrates with the Critical Path Security Illuminate threat intelligence feed platform, as well as third-party threat intelligence providers. Anomaly detection is built into the platform to support faster incident observation and response. The platform can deliver data directly into Splunk via a custom Splunk application, or through its own native Léargas User Interface. Appliance management is designed to be automated and extensible, with support for configuration management tools such as Puppet and Chef. Updates can be applied via Git repositories, either directly or through Artifactory. The VMware OVA deployment option allows additional collection points to be added, increasing network visibility and contextual analysis coverage across an environment.