Endace and the EndaceProbe Analytics Platform
Photo Gallery
Endace and the EndaceProbe Analytics Platform
Additional Info
Company | Endace |
Website | http://www.endace.com |
Company size (employees) | 50 to 99 |
Headquarters Region | North America |
Overview
Endace has specialized in scalable high performance, 100% accurate packet capture technology for more than 20 years and has worked closely with Federal Government and Military customers since its inception. EndaceProbes help government customers to defend critical infrastructure, protect confidential information, and ensure essential services are reliable and accessible.
EndaceProbes provide scalable, accurate, full packet capture and recording, with zero packet loss, on network links from 10Mbps to 100Gbps and beyond. They deliver independent, irrefutable evidence so teams have the data needed to investigate and resolve anomalies and issues quickly and conclusively.
One of Endace’s many customers is the United States’ Defense Information Systems Agency (DISA). DISA depends upon the continuous packet capture provided by EndaceProbes to defend critical networks and infrastructure while supporting hundreds of analysts working to neutralize threats, around the clock and across the globe.
EndaceProbes enable rapid, estate-wide search and data-mining, returning results in minutes rather than hours, allowing DISA analysts to work with team members worldwide to quickly investigate and resolve security incidents. Analysts can access packet data from within existing security and network tools, leveraging seamless workflow integration with these tools to access full network history. The ability to support and enhance DISA’s existing workflows enables rapid user adoption and simplifies training for new analysts. As a result of incorporating EndaceProbes in its solution, DISA now has significantly increased storage capacity, greater reliability, and faster search capability in a much smaller footprint, dramatically improving DISA’s mission capabilities.
DISA Division Chief Tinisha McMillan, said, “The Endace team are experts in their field, understood our infrastructure and supporting technologies, and enabled the mission to be completed ahead of schedule. We’ve been able to speed investigations, create global access, and free up analysts that had been tasked with time-consuming maintenance and support of our legacy, in-house system.”
How we are different
• EndaceProbes provide 100% accurate, always-on packet capture that can scale to 100 Gbps and beyond with petabytes of distributed storage sufficient for weeks to months of recorded history. Its open architecture lets government customers integrate recorded packet capture into security and performance monitoring tools as well as host a wide range of solutions that need access to packet data.
• Endace provides crucial support in a Zero Trust environment: packet data is a critical resource to reinforce this initiative. As recent cyberattacks (such as SolarFlare) have shown, cybersecurity threats can arise from anywhere, not just from the perimeter. Continuous packet capture and network recording serves as indisputable evidence of real-time and historical events on a network. Endace provides full packet capture and recording, giving analysts the detailed information they need to investigate and respond to threats quickly and conclusively.
• EndaceProbes provide a common platform, enabling integration of full packet history into security tools (such as IDS/IPS, Firewalls, SIEM and SOAR tools and AI threat detection) so customers can streamline and standardize investigation workflows. This dramatically increases analyst productivity and efficiency. Analysts can follow a common investigative process from any of their tools, making it easy to access relevant packet evidence. Endace helps Federal Governments and agencies gain deeper visibility and history into their networks and assists these agencies in adhering to the recent Executive Order on Cybersecurity, which requires a minimum of 72 hours of full packet capture to be available on request by either the Federal Bureau of Investigation (FBI) or Cybersecurity Infrastructure Security Agency (CISA).