STOCK TITAN

Corelight Integrates SentinelOne Singularity Platform Data to Accelerate SOC Transformation


Corelight, a leading provider of network detection and response (NDR) solutions, has announced a partnership with SentinelOne (NYSE: S), an AI-powered security company. This collaboration aims to enhance SOC transformation by integrating SentinelOne's endpoint and vulnerability management data into Corelight Sensor, providing real-time enrichment of Corelight logs.

The integration addresses the challenge of alert overload faced by security teams, as highlighted in the Mandiant Global Perspectives on Threat Intelligence report. By correlating data from Corelight and SentinelOne at the sensor level, the partnership aims to simplify alert triage, provide better context for threats, and ultimately reduce mean time to detect (MTTD) and mean time to recovery (MTTR).

This collaboration offers SOC analysts a comprehensive view of network activity across all connected devices, including those where EDR cannot be installed. The integration also enables more effective threat detection and prioritization based on current environmental risks.


Positive
  • Partnership with SentinelOne to enhance SOC transformation
  • Integration aims to reduce mean time to detect (MTTD) and mean time to recovery (MTTR)
  • Provides comprehensive visibility across network and connected devices
  • Enables more effective threat detection and prioritization
Negative
  • None.

Insights

This partnership between Corelight and SentinelOne represents a significant advancement in SOC (Security Operations Center) capabilities. By integrating SentinelOne's endpoint and vulnerability data with Corelight's network detection and response (NDR) solutions, security teams can now correlate threats more effectively at the sensor level. This integration addresses a critical pain point in the industry - the overwhelming volume of alerts that often leads to missed threats.

The combined solution offers several key benefits:

  • Reduced alert fatigue and improved triage efficiency
  • Enhanced visibility across both network and endpoints
  • Faster threat detection and response times
  • Better prioritization of vulnerabilities and threats

For SentinelOne investors, this partnership could potentially expand the company's market reach and increase the value proposition of its Singularity Platform. It demonstrates SentinelOne's commitment to interoperability and its ability to integrate with other leading security solutions, which could positively impact adoption rates and customer retention.

This partnership aligns with current market trends in cybersecurity, where there's a growing demand for integrated, AI-powered security solutions that can handle the increasing complexity and volume of threats. The collaboration between Corelight and SentinelOne addresses key pain points identified in the Mandiant report, where 84% of respondents expressed concern about missing threats due to alert overload.

For SentinelOne, this move could potentially:

  • Strengthen its competitive position against other endpoint security providers
  • Increase its appeal to enterprise customers seeking comprehensive security solutions
  • Drive upsell opportunities within its existing customer base

While the financial impact isn't immediately quantifiable, strategic partnerships like this often lead to increased market share and revenue growth in the medium to long term. Investors should monitor for any uptick in SentinelOne's customer acquisition rates or expansion within existing accounts as indicators of this partnership's success.

Company leverages SentinelOne's rich endpoint and vulnerability management telemetry data within Corelight Sensor to find and disrupt attacks

SAN FRANCISCO, Oct. 15, 2024 /PRNewswire/ -- Corelight, the fastest growing provider of network detection and response (NDR) solutions, today announced a partnership with SentinelOne (NYSE: S), a global leader in AI-powered security, to provide real-time enrichment of Corelight logs. Combining endpoint and vulnerability data at the point of observation in the network sensor will greatly reduce a security team's mean time to detect (MTTD) and mean time to recovery (MTTR). This native integration drives AI-powered SOC transformation and helps customers disrupt future attacks.

SOC teams can now control the increasing volume of alerts and confidently reduce dwell time for a more secure posture.

According to interviews conducted for the Mandiant Global Perspectives on Threat Intelligence report, 84% of respondents said that they are concerned they may be missing out on threats or incidents because of the number of alerts and data they are faced with. The need for analysts to manually integrate data sources and sort through alerts that may not be indicative of malicious activity leads to increased response time, analyst fatigue and staff turnover. By correlating data from Corelight and SentinelOne at the sensor level, Corelight can simplify and streamline alert triage and provide better context for threats that are traversing or hiding in the network.

"Security teams can become overwhelmed with information across the security stack and as a result can miss the most critical alerts to action immediately," said Todd Wingler, Corelight vice president global alliances and channels. "By combining the insights from both Corelight Open NDR and the SentinelOne Singularity Platform, we're empowering SOC teams to accelerate investigations, reduce false positives, and focus on the most critical indicators of compromise. This means they can finally gain control over the increasing volume of alerts and confidently reduce dwell time for a more secure posture."

By enriching Corelight logs with relevant endpoint data from SentinelOne Singularity Endpoint, SOC analysts have a comprehensive and holistic view of network activity across all connected devices, including unsecured, unsupported, and previously unmanaged endpoints, where EDR cannot be installed. Moreover, by correlating Corelight alerts with endpoint vulnerabilities identified by SentinelOne Singularity Vulnerability Management, mutual customers can more effectively detect and prioritize threats based on current risks to the environment. Pre-correlating data directly in the sensor enhances alerts with additional context that can help accelerate investigations, streamline incident response and reduce the distraction of alerts that can be deprioritized.

"For effective enterprise security, comprehensive visibility across the network and each connected device is paramount," said Melissa K. Smith, vice president of Technology Partnerships & Strategic Initiatives, SentinelOne. "As the fastest growing endpoint company and a top choice of customers around the world, SentinelOne sets the standard for endpoint protection. By integrating our AI-powered Singularity Platform with Corelight's industry-leading network intelligence, SOC teams get deeper insights into existing and novel threats with broader detection coverage and faster investigations."

Learn More about how Corelight and SentinelOne together provide a comprehensive view of enterprise security.

Corelight provides security teams with network evidence so they can protect the world's most critical organizations and companies. Corelight's global customers include Fortune 500 companies, major government agencies, and large research universities. Based in San Francisco, Corelight is an open-core security company founded by the creators of Zeek, the widely used network security technology. For more information, visit www.corelight.com.

View original content to download multimedia: https://www.prnewswire.com/news-releases/corelight-integrates-sentinelone-singularity-platform-data-to-accelerate-soc-transformation-302275724.html

SOURCE Corelight

FAQ

What is the purpose of Corelight's integration with SentinelOne's Singularity Platform?

The integration aims to accelerate SOC transformation by providing real-time enrichment of Corelight logs with SentinelOne's endpoint and vulnerability management data, helping to reduce mean time to detect and recover from threats.

How does the Corelight-SentinelOne integration address the issue of alert overload?

By correlating data from both platforms at the sensor level, the integration simplifies alert triage, provides better context for threats, and helps security teams focus on critical indicators of compromise, reducing alert fatigue and improving response times.

What advantages does the Corelight-SentinelOne integration offer for SOC analysts?

The integration provides SOC analysts with a comprehensive view of network activity across all connected devices, including those where EDR cannot be installed, and enables more effective threat detection and prioritization based on current environmental risks.

How does the integration between Corelight and SentinelOne (NYSE: S) improve enterprise security?

The integration combines Corelight's network intelligence with SentinelOne's AI-powered Singularity Platform, providing deeper insights into existing and novel threats, broader detection coverage, and faster investigations for improved enterprise security.
