Endace, specialists in high speed network recording and analytics hosting, have launched the EndaceProbe integration with IBM Security to enable customers to retrace the detailed, step-by-step actions of an attacker to accelerate forensic investigation. EndaceProbe Network Analytics Platform captures, indexes, and stores network traffic with 100% accuracy while simultaneously hosting a wide variety of network security and performance monitoring applications in Application Dock, EndaceProbe’s built-in hosting environment.
The new application is freely available to the security community through IBM Security App Exchange, a marketplace where developers across the industry can create applications based on IBM Security technologies. As threats are evolving faster than ever, collaborative development amongst the security community will help organizations adapt quickly and speed innovation in the fight against cybercrime.
EndaceProbe leverages IBM Security QRadar, the company’s security intelligence platform, which analyses data across an organization’s IT infrastructure in real-time to identify potential security threats. Leveraging QRadar’s open application programming interfaces (API), EndaceProbe allows Endace and IBM customers to better understand and respond to, network events, including everything from anomalous behaviour to insider and advanced threats.
“Corporate networks are more vulnerable than ever to an accelerating volume of threats, and security analysts need to understand what’s happened with a threat to accelerate security investigation and response,” said Stuart Wilson, CEO, Endace.
“Leveraging the Pivot-to-Vision API integration of EndaceProbes, analysts can click on an alert in QRadar to go directly to view the related packets in EndaceVision, the EndaceProbe’s built-in investigation tool, to see precisely what’s happened so they can respond appropriately.”
The application is available for download now from IBM’s Security App Exchange.