Le Lézard
Classified in: Science and technology
Subjects: Contract/Agreement, Product/Service

Endace and Corelight Partnership Delivers Comprehensive Network Insights for Security Analytics and Rapid Incident Response


Endace today announced a strategic partnership with Corelight, provider of the industry's first open network detection and response (NDR) platform, that will provide security teams with rich insights and detailed forensic data that accelerate the process of detecting, analyzing and responding to network security threats.

Corelight sensors produce rich, protocol-specific logs for incident response and threat-hunting workflows within any SIEM. When integrated with EndaceProbetm Analytics Platforms these logs include "Pivot-to-Vision" links which connect SIEM events to the related packet data recorded by the EndaceProbes on the network. Security analysts can quickly investigate incidents from their SIEM using a single click drill-down to analyze recorded network history and investigate a threat event's packet data in granular detail.

Additionally, Corelight's Software Sensor can be hosted directly on the EndaceProbe platform in Application Docktm, the EndaceProbe's powerful analytics hosting environment. This allows joint customers to simplify deployments and extend Corelight sensor coverage by deploying sensors wherever they have an EndaceProbe deployed. New Corelight virtual sensors can be deployed at any time in minutes on EndaceProbe, providing much needed agility in the fight to defend the network.

"Security analysts are in desperate need of faster, more accurate incident response workflows. They have a tough job closing out security incidents when evidence such as system logs may have been modified or wiped by an attacker. However, what attackers can't change is the packet record of what happened on the network and the vast majority of attacks happen across the network," said Cary Wright, Endace VP of Product Management.

"The combination of rich Zeek logs from Corelight sensors and Endace always-on packet capture provides the critical evidence needed to more quickly identify potential threats and preserve all the network evidence for fast, accurate security investigations," Wright says.

"The power of this integration is having one click access to all this network data right from within the SIEM," said Vijit Nair, senior director of product management at Corelight. "Security teams need fast access to rock-solid evidence so they can remediate threats before they progress to more serious stages and analysts don't have time to learn lots of different tools. Having both Corelight logs and Endace packet data accessible right from within the SIEM means all the data needed to identify, investigate and remediate threats is right at their fingertips."

A solution guide to the integration can be found at endace.com/corelight. Corelight has also joined Endace's Fusion Partner program.

The Endace Fusion Program enables market-leading, cybersecurity and network monitoring partners to use EndaceProbe's API integration and Application Docktm VM hosting to connect their solutions directly to Network History. This allows network and security analysts to streamline and automate detection and investigation, choose from industry-leading security and performance solutions, and deliver shared access to a common, authoritative source of network history to all applications and teams that need it.

About Endace

Endace specializes in high-speed, scalable packet capture for cybersecurity, network and application performance. The open, EndaceProbe Analytics Platform lets customers record a 100% accurate history of activity on their network and can host network security and performance monitoring tools that need to analyze real-time or historical traffic. Endace's Fusion Partners provide pre-built integration with the EndaceProbe platform to accelerate and streamline incident investigation and resolution.

Endace's global customers include banks, healthcare, telcos, broadcasters, retailers, web giants, governments and military. www.endace.com


These press releases may also interest you

at 08:30
Latch, Inc., soon to be Door.com, today announced the launch of its property management division, Door Property Management, LLC (DPM), and the acquisition of the property management business of The Broadway Company (TBC). The acquisition enables DPM...

at 08:30
ARHT Media Inc. , a global leader in the development of high-quality, low-latency hologram and digital content, was excited to announce its collaboration with Provision Events for an innovative project with Hoag, a distinguished nonprofit...

at 08:30
Assure Holdings Corp. (the "Company" or "Assure") , a provider of intraoperative neuromonitoring ("IONM") and remote neurology services, today announced that it closed the sale of certain assets of its IONM business to MPOWERHealth on March 26, 2024....

at 08:25
Aurion Biotech, whose mission is to restore vision to millions of patients with life-changing regenerative therapies, today announced that it has dosed the first Canadian subject in its Phase 1 / 2 clinical trial (ABA-1, CLARA) of AURN001, a cell...

at 08:20
The "Highly Potent API Market - A Global and Regional Analysis: Focus on Type, Type of Synthesis, Therapeutic Area, Type of Manufacturing, End User, and Country - Analysis and Forecast, 2023-2033" report has been added to ResearchAndMarkets.com's...

at 08:15
Keysight Technologies , today announced its intention to acquire the entire issued and to be issued share capital of Spirent Communications PLC (London Stock Exchange Symbol: SPT) ("Spirent") for a cash consideration of 199 pence per Spirent share...



News published on and distributed by: