The only evidence-first threat investigation platform Investigator is a SaaS-based network detection and response (NDR) solution that combines comprehensive network evidence with machine learning and other analytics integrated into a fast, intuitive search platform to accelerate threat hunting and incident response and consolidates legacy toolsets.

Additional resources:
Blog: https://corelight.com/blog/corelight-investigator-accelerates-threat-hunting

Product guide: https://8645105.fs1.hubspotusercontent-na1.net/hubfs/8645105/data-sheet/ds-pr-corelight-product-guide-single-page.pdf

Data sheet: https://8645105.fs1.hubspotusercontent-na1.net/hubfs/8645105/data-sheet/corelight-investigator.pdf

Quick start: https://8645105.fs1.hubspotusercontent-na1.net/hubfs/8645105/data-sheet/investigator-corelight-quick-start-services.pdf