Endace

Technology Partner

Endace

EndaceProbe™ Analytics Platform

Combine state-of-the-art AI with full network visibility for confident, rapid threat response

Combining BluVector and Endace gives analysts a platform that detects even the most advanced threats in real time and provides a full understanding of the threat through detailed context and packet-level Network History. The solution enables both Network Operations (NetOps) and Security Operations (SecOps) to make quicker, better-informed, and more confident decisions, allowing their teams to resolve issues more reliably.

BluVector® Cortex™ accurately and efficiently detects, analyzes and contains sophisticated threats including fileless malware, zero-day malware and ransomware in real time.

EndaceProbe™ Analytics Platform capture, index and store network traffic with 100% accuracy, regardless of network speeds, loads or traffic types.

Application Dock™ allows existing Endace customers to extend security and performance monitoring by hosting BluVector Cortex directly on the open EndaceProbe platform.

Accelerating Security Investigations

The Network History recorded by EndaceProbes can be integrated into BluVector Cortex using the Pivot-to-Vision™ function of the EndaceProbe API. Pivot-to-Vision lets security analysts pivot from threat alerts in BluVector Cortex directly to EndaceVision™ (the EndaceProbe’s built-in investigation tool) to analyze the related, packet-level Network History. Using the IP address and time range of the trigger event, Pivot-to-Vision focuses the analyst directly on pre-filtered incident data. EndaceVision lets analysts dissect, review, and extract the relevant traffic from the terabytes of Network History recorded on the network.

With this, analysts can respond quickly, dramatically reducing the time to resolve critical incidents and minimizing the risk of security threats escalating to become more serious breaches.

How BluVector and Endace Work Together

The BluVector Console shows an overview of all detected events
From an event, analysts can select Connectors to go directly to the related packets in EndaceVision.
Examine related packet history in EndaceVision, view packet-level detail in EndacePackets™ or download packet capture file for archival or analysis.

See it in action. Schedule a demo.