Endace joins IBM Security app exchange community

15 Jan 2019

Network recording and analytics hosting company Endace has launched the EndaceProbe integration with IBM Security to enable customers to retrace detailed, step-by-step actions of an attacker to accelerate forensic investigation.

EndaceProbe Network Analytics Platform captures, indexes, and stores network traffic with 100% accuracy while hosting a variety of network security and performance monitoring applications in Application Dock, EndaceProbe’s built-in hosting environment.

The new application is available to the security community through IBM Security App Exchange, a marketplace where developers across the industry can create applications based on IBM Security technologies.

As threats are evolving faster than ever, collaborative development amongst the security community will help organisations adapt quickly and speed innovation in the fight against cybercrime.

EndaceProbe leverages IBM Security QRadar, the company’s security intelligence platform, which analyses data across an organisation’s IT infrastructure in real-time to identify potential security threats.

Leveraging QRadar’s open application programming interfaces (API), EndaceProbe allows Endace and IBM customers to understand and respond to network events, including everything from anomalous behaviour to insider and advanced threats.

Endace CEO Stuart Wilson says, “Corporate networks are more vulnerable than ever to an accelerating volume of threats, and security analysts need to understand what’s happened with a threat to accelerate security investigation and response.”

“Leveraging the Pivot-to-Vision API integration of EndaceProbes, analysts can click on an alert in QRadar to go directly to view the related packets in EndaceVision, the EndaceProbe’s built-in investigation tool, to see what’s happened so they can respond appropriately.”

Endace’s multifunctional Analytics Platform can host third-party network analytics applications while recording a 100% accurate Network History, providing evidence for investigating cybersecurity threats, quantifying data breaches and analysing network or application performance problems.

Deploying a dedicated Analytics Platform enables agile deployment of analytics functions on-demand and dramatically reduces OPEX and CAPEX costs by consolidating data centre hardware.

Hosted analytics applications can analyse live traffic at full line rate, or use Playback to analyse historical traffic for powerful, back-in-time analysis. 

Endace’s customers include banks, hospitals, telcos, broadcasters, retailers, governments, and military. 

IBM’s security platform provides the security intelligence to help organisations holistically protect their people, data, applications, and infrastructure.

IBM offers solutions for identity and access management, security information and event management, database security, application development, risk management, endpoint management, next-generation intrusion protection and more.
