Endace and Corelight partnership allows SecOps teams to respond with better speed and accuracy

2021-02-10 01:15

Endace announced a strategic partnership with Corelight that will provide security teams with rich insights and detailed forensic data that accelerate the process of detecting, analyzing and responding to network security threats.

Corelight sensors produce rich, protocol-specific logs for incident response and threat-hunting workflows within any SIEM. When integrated with EndaceProbe Analytics Platforms these logs include "Pivot-to-Vision" links which connect SIEM events to the related packet data recorded by the EndaceProbes on the network.

New Corelight virtual sensors can be deployed at any time in minutes on EndaceProbe, providing much needed agility in the fight to defend the network.

"The combination of rich Zeek logs from Corelight sensors and Endace always-on packet capture provides the critical evidence needed to more quickly identify potential threats and preserve all the network evidence for fast, accurate security investigations," Wright says.

The Endace Fusion Program enables market-leading, cybersecurity and network monitoring partners to use EndaceProbe's API integration and Application Dock VM hosting to connect their solutions directly to Network History.

This allows network and security analysts to streamline and automate detection and investigation, choose from industry-leading security and performance solutions, and deliver shared access to a common, authoritative source of network history to all applications and teams that need it.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/08ri8Ixf3YE/

#endace #partnership #secops #teams