CoreSight Overview

What is CoreSight?

CoreSight is a cyber-physical cartography platform designed for security teams and information systems managers. It allows you to:

  • Inventory all IT/OT assets (network equipment, servers, workstations, PLCs, applications...)
  • Map physical and logical interconnections
  • Evaluate risks and vulnerabilities (CVSS scores, CVEs from NIST NVD)
  • Document according to security frameworks
  • Collaborate in real-time on cartographies

Use Cases

Operational Security (SOC / CISO)

  • Maintain an up-to-date inventory of exposed assets
  • Quickly visualize the attack surface
  • Correlate CVE vulnerabilities with your infrastructure

Compliance (NIS2 / ISO 27001)

  • Produce cartographies compliant with regulatory requirements
  • Generate automated audit reports
  • Track modification history (audit log)

IT/OT Operations

  • Document network flows (flow matrix)
  • Manage security zones
  • Visualize dependencies between systems

Technical Architecture

┌──────────────────────────────────────────────────────┐
│                    Client Browser                    │
│            React 18 + ReactFlow + Recharts           │
└────────────────────────┬─────────────────────────────┘
                         │ HTTPS + WebSocket
┌────────────────────────▼─────────────────────────────┐
│              Node.js Backend (Express)               │
│      REST API + Socket.io (real-time collab)         │
│   Port 443 — systemd AmbientCapabilities             │
└────────────────────────┬─────────────────────────────┘
                         │
┌────────────────────────▼─────────────────────────────┐
│         SQLite (better-sqlite3-multiple-ciphers)     │
│          Encrypted AES-256-CBC (SQLCipher 4)         │
│       /opt/coresight/server/data/coresight.db        │
└──────────────────────────────────────────────────────┘

Data Model

Assets

Any inventoried element: IP, type, manufacturer, software version, risk score, CVE vulnerabilities, open ports, security zone, location, etc.

Relations

Connections between assets: relation type (network, application, logical), direction, protocols, source/destination ports.

Diagrams (Cartographies)

Organized visual representation of assets and their relations. Each user can create multiple independent diagrams.

Dashboards

Customizable dashboards composed of analytical widgets. Each user has their own dashboard.

Security

| Mechanism | Implementation |
|---|---|
| Data Encryption | SQLCipher (AES-256-CBC, PBKDF2-HMAC-SHA512) |
| Transport | HTTPS/TLS (Let's Encrypt or self-signed) |
| Authentication | Token sessions + 2FA TOTP (speakeasy) |
| Passwords | bcrypt (factor 10) |
| HTTP Headers | Helmet.js (CSP, HSTS, etc.) |
| Rate limiting | Per endpoint and per IP |
| Audit | Full log of all actions |
