STOCK TITAN
  1. Home
  2. News
  3. S
  4. Corelight Integrates SentinelOne Singularity Platform Data to Accelerate SOC Transformation

Corelight Integrates SentinelOne Singularity Platform Data to Accelerate SOC Transformation

Rhea-AI Impact
(Neutral)
Rhea-AI Sentiment
(Neutral)
Tags

Rhea-AI Summary

Corelight, a leading provider of network detection and response (NDR) solutions, has announced a partnership with SentinelOne (NYSE: S), an AI-powered security company. This collaboration aims to enhance SOC transformation by integrating SentinelOne's endpoint and vulnerability management data into Corelight Sensor, providing real-time enrichment of Corelight logs.

The integration addresses the challenge of alert overload faced by security teams, as highlighted in the Mandiant Global Perspectives on Threat Intelligence report. By correlating data from Corelight and SentinelOne at the sensor level, the partnership aims to simplify alert triage, provide better context for threats, and ultimately reduce mean time to detect (MTTD) and mean time to recovery (MTTR).

This collaboration offers SOC analysts a comprehensive view of network activity across all connected devices, including those where EDR cannot be installed. The integration also enables more effective threat detection and prioritization based on current environmental risks.

Loading translation...

Positive

  • Partnership with SentinelOne to enhance SOC transformation
  • Integration aims to reduce mean time to detect (MTTD) and mean time to recovery (MTTR)
  • Provides comprehensive visibility across network and connected devices
  • Enables more effective threat detection and prioritization

Negative

  • None.

News Market Reaction – S

-2.65%
1 alert
-2.65% News Effect

On the day this news was published, S declined 2.65%, reflecting a moderate negative market reaction.

Data tracked by StockTitan Argus on the day of publication.

Company leverages SentinelOne's rich endpoint and vulnerability management telemetry data within Corelight Sensor to find and disrupt attacks

SAN FRANCISCO, Oct. 15, 2024 /PRNewswire/ -- Corelight, the fastest growing provider of network detection and response (NDR) solutions, today announced a partnership with SentinelOne, (NYSE: S), a global leader in AI-powered security, to provide real-time enrichment of Corelight logs. Combining endpoint and vulnerability data at the point of observation in the network sensor will greatly reduce a security team's mean time to detect (MTTD) and mean time to recovery (MTTR). This native integration drives AI-powered SOC transformation and helps customers disrupt future attacks.

SOC teams can now control the increasing volume of alerts and confidently reduce dwell time for a more secure posture.

According to interviews conducted for the Mandiant Global Perspectives on Threat Intelligence report, 84% of respondents said that they are concerned they may be missing out on threats or incidents because of the number of alerts and data they are faced with. The need for analysts to manually integrate data sources and sort through alerts that may not be indicative of malicious activity leads to increased response time, analyst fatigue and staff turnover. By correlating data from Corelight and SentinelOne at the sensor level, Corelight can simplify and streamline alert triage and provide better context for threats that are traversing or hiding in the network.

"Security teams can become overwhelmed with information across the security stack and as a result can miss the most critical alerts to action immediately," said Todd Wingler, Corelight vice president global alliances and channels. "By combining the insights from both Corelight Open NDR and the SentinelOne Singularity Platform, we're empowering SOC teams to accelerate investigations, reduce false positives, and focus on the most critical indicators of compromise. This means they can finally gain control over the increasing volume of alerts and confidently reduce dwell time for a more secure posture."

By enriching Corelight logs with relevant endpoint data from SentinelOne Singularity Endpoint, SOC analysts have a comprehensive and holistic view of network activity across all connected devices, including unsecured, unsupported, and previously unmanaged endpoints, where EDR cannot be installed. Moreover, by correlating Corelight alerts with endpoint vulnerabilities identified by SentinelOne Singularity Vulnerability Management, mutual customers can more effectively detect and prioritize threats based on current risks to the environment. Pre-correlating data directly in the sensor enhances alerts with additional context that can help accelerate investigations, streamline incident response and reduce the distraction of alerts that can be deprioritized.

"For effective enterprise security, comprehensive visibility across the network and each connected device is paramount," said Melissa K. Smith, vice president of Technology Partnerships & Strategic Initiatives, SentinelOne. "As the fastest growing endpoint company and a top choice of customers around the world, SentinelOne sets the standard for endpoint protection. By integrating our AI-powered Singularity Platform with Corelight's industry-leading network intelligence, SOC teams get deeper insights into existing and novel threats with broader detection coverage and faster investigations."

Learn More about how Corelight and SentinelOne together provide a comprehensive view of enterprise security.

Corelight provides security teams with network evidence so they can protect the world's most critical organizations and companies. Corelight's global customers include Fortune 500 companies, major government agencies, and large research universities. Based in San Francisco, Corelight is an open-core security company founded by the creators of Zeek, the widely-used network security technology. For more information, www.corelight.com.

Cision View original content to download multimedia:https://www.prnewswire.com/news-releases/corelight-integrates-sentinelone-singularity-platform-data-to-accelerate-soc-transformation-302275724.html

SOURCE Corelight

FAQ

What is the purpose of Corelight's integration with SentinelOne's Singularity Platform?

The integration aims to accelerate SOC transformation by providing real-time enrichment of Corelight logs with SentinelOne's endpoint and vulnerability management data, helping to reduce mean time to detect and recover from threats.

How does the Corelight-SentinelOne integration address the issue of alert overload?

By correlating data from both platforms at the sensor level, the integration simplifies alert triage, provides better context for threats, and helps security teams focus on critical indicators of compromise, reducing alert fatigue and improving response times.

What advantages does the Corelight-SentinelOne integration offer for SOC analysts?

The integration provides SOC analysts with a comprehensive view of network activity across all connected devices, including those where EDR cannot be installed, and enables more effective threat detection and prioritization based on current environmental risks.

How does the integration between Corelight and SentinelOne (NYSE: S) improve enterprise security?

The integration combines Corelight's network intelligence with SentinelOne's AI-powered Singularity Platform, providing deeper insights into existing and novel threats, broader detection coverage, and faster investigations for improved enterprise security.

Related Articles

Continue reading with these related stories

View All Latest News