Corelight
8 Case Studies
A Corelight Case Study
World’s Largest Energy Company, one of the world’s biggest energy companies, needed better network traffic analysis and east-west visibility across multiple offices. Existing tools such as firewalls, IDS, NetFlow, endpoint AV, and their SIEM didn’t provide enough protocol-level insight to validate alerts or troubleshoot incidents, especially for SMB traffic. Corelight, with its Zeek-based network security monitoring platform, was selected to address these visibility gaps.
Corelight’s AP 1000 Sensor gave the SOC rich, protocol-aware network logs that integrated directly with their SIEM and were easy to deploy with no extra setup. The team quickly used Corelight to confirm SMB file access in minutes, debug false positives from IDS tools, and improve email visibility and incident response. The result was faster investigations, stronger alert validation, and months or years of searchable network evidence that improved security operations across the organization.
World's Largest Energy Company