Corelight Tech Stack

Open NDR platform converting network traffic into security evidence and AI-driven detections

Computer and Network Security · San Francisco, CA · 201–500 employees · Founded 2016 · Privately Held

Corelight operates an open network detection and response (NDR) platform built on Zeek, Suricata, and YARA for continuous network monitoring. The tech stack—Kafka for real-time ingestion, Kubernetes for orchestration, and Splunk/Elasticsearch for analytics—supports a hybrid on-prem and cloud sensor architecture. Hiring is heavily sales-driven (21 sales roles against 14 engineering), with most open positions at senior and director levels, indicating a mature product in land-and-expand motion targeting Fortune 500 and government buyers navigating complex procurement and multi-stakeholder deal cycles.

Tech Stack: 58 technologies

What Corelight Is Building

Challenges

  • Speed incident response
  • Evolving threats
  • Proactive threat hunting
  • Network-based attack detection
  • Reducing production downtime
  • Attackers evading endpoint detection
  • Operational efficiency in purchasing
  • Internal controls in procurement
  • Complex multi-stakeholder enterprise sales cycles
  • High-growth distributed remote environment

Active Projects

  • Automated testing framework development
  • Solution architecture across diverse environments
  • SIEM query and dashboard implementation
  • Proof of value engagements
  • Novel data sources
  • Operationalize new features
  • ML/AI-based detections
  • Open NDR backend architecture
  • Real-time data ingestion pipelines
  • Serverless microservices development

Hiring Activity

Steady · 45 roles · 15 in 30d

Department

  • Sales: 21
  • Engineering: 14
  • Support: 3
  • Security: 2
  • Customer-Success: 1
  • Finance: 1
  • Marketing: 1
  • Product: 1

Seniority

  • Senior: 26
  • Director: 6
  • Junior: 5
  • Lead: 3
  • Mid: 2
  • Principal: 1
  • Staff: 1

Notable leadership hires: Director of Sales, Accounts Program Director

About Corelight

Corelight delivers an open NDR platform that ingests network traffic and transforms it into structured, correlated evidence for security operations. The platform powers AI-driven detection rules, expert-authored workflows, and integration with existing SIEM and SOC tooling (Splunk, Elasticsearch, Salesforce-managed customers via Gainsight). Deployed both on-premises and in cloud (AWS, Azure, GCP), the system handles real-time data pipelines and serverless microservices to reduce incident response time and enable proactive threat hunting. Customer base spans Fortune 500 companies, government agencies, and research institutions across the US, Germany, UK, Australia, and Israel.

Headquarters: San Francisco, CA
Company Size: 201–500 employees
Founded: 2016
Hiring Markets: United States, Germany, United Kingdom, Australia, Israel

Frequently Asked Questions

What is Corelight's tech stack built on?

Corelight uses Zeek, Suricata, and YARA for packet analysis and detection rules; Apache Kafka for real-time ingestion; Kubernetes and Docker for container orchestration; and integrates with Splunk and Elasticsearch for analytics and alerting.

Where is Corelight hiring globally?

Corelight is hiring across the United States, Germany, United Kingdom, Australia, and Israel, supporting its global customer base of Fortune 500 and government agencies.
