Overview
Product Information on Corelight Open NDR Platform
Updated 21st October 2025
What is Corelight Open NDR Platform?
Corelight Open NDR Platform Pricing
Corelight Open NDR Platform Product Images
Overall experience with Corelight Open NDR Platform
Manager of IT Services
30B + USD, IT ServicesFAVORABLE
“Corelight's data and evidence is the real hero ”
It's been a breath of fresh air compared to the "black box" AI tools that dominate the NDR market. Most tools give you a high-level alert and then leave you to guess what actually happened. Corelight gives you evidence first. It is a large data volume, but once we turned on our ingest and got Zeek logs flowing into our SIEM, the speed of our investigations doubled. It's an impactful pro tool that doesn't hold your hand, but doesn't lie to you.
IT Security & Risk Management Associate
50M - 250M USD, MiscellaneousCRITICAL
“Challenges With Centralized Management In Multi-Environment Deployments Of Sensor Networks”
I feel this vendor could be better at listening to and working with customers to provide product improvement in a timely manner
About Company
Company Description
Corelight is a company that primarily focuses on network security. Its objective is to transform network and cloud data into detailed evidence to help counter ever-evolving cyber threats. The company offers an open Network Detection and Response (NDR) platform that provides a comprehensive, correlated view of the network, granting unmatched visibility to users. With the advantage of swift investigation, expert-like cyber threat hunting and potential attack disruption capabilities, Corelight targets to enhance cybersecurity preparedness. It offers both on-premise and cloud-based sensors capable of capturing standard industry telemetry and insights that align with pre-existing user tools and processes. Clients of Corelight span diverse sectors, including large scale businesses, government agencies and research institutions.
Company Details
Company type
Private
Year Founded
2016
Head office location
San Francisco, United States
Number of employees
201 - 500
Website
Do You Manage Peer Insights at Corelight?
Access Vendor Portal to update and manage your profile.
Key Insights
A Snapshot of What Matters - Based on Validated User Reviews
Top Corelight Open NDR Platform Alternatives
Peer Discussions
Corelight Open NDR Platform Reviews and Ratings
Filter Reviews
Sort By:
Most helpful
Last 12 Months
Star Rating
Reviewer Type
Reviewer's Company Size
Reviewer's Industry
Reviewer's Region
Reviewer's Job Function
- Manager of IT Services10B+ USDIT ServicesReview Source
Corelight's data and evidence is the real hero
It's been a breath of fresh air compared to the "black box" AI tools that dominate the NDR market. Most tools give you a high-level alert and then leave you to guess what actually happened. Corelight gives you evidence first. It is a large data volume, but once we turned on our ingest and got Zeek logs flowing into our SIEM, the speed of our investigations doubled. It's an impactful pro tool that doesn't hold your hand, but doesn't lie to you. - Manager, IT Security and Risk ManagementGov't/PS/EdGovernmentReview Source
Death of NDR is greatly exaggerated
Corelight have been great and engaged with us from initial deployment stages through to ongoing maintenance in production. Product gets updated frequently with new functionality that is genuinely useful capability additions. - Engineering Manager50M-1B USDIT ServicesReview Source
Excellent customer support and GUI makes administration simple
Corelight staff have been friendly, knowledgeable, and prompt about providing support whenever we have asked, which has occurred on a range of topics over the course of the last year. I have been impressed with their level of responsiveness compared to other vendors, and I have not had a single negative interaction with Corelight even while troubleshooting product problems or issues, which says a lot about their staff's professionalism and courtesy. - IT Security & Risk Management AssociateGov't/PS/EdEducationReview Source
Comprehensive Network Telemetry With Flexible Output Options
High quality network telemetry with very useable output for network security monitoring Various output options including seamless integration with Kafka message broker Good network detection packages are part of the product Suricata IDS is part of the features available for additional cost Excellent support team and overall very good customer care Continuous improvements and role out of new features on a regular basis Commitment to open data formats making integrations easy - EngineerGov't/PS/EdGovernmentReview Source
Initial Corelight Rollout
It works, sometimes it takes a little customization but together everything has been successful.
...
Showing Result 1-5 of 131
Recommended Gartner Insights
This service may contain translations provided by Google. Google disclaims all warranties related to the translations, express or implied, including any warranties of accuracy, reliability, and any implied warranties of merchantability, fitness for a particular purpose and noninfringement. Gartner's use of this provider is for operational purposes and does not constitute an endorsement of its products or services.
