Endace and Elastic Partner to Deliver Greater Network Observability and Enhanced Forensics

Elastic Stack and Elastic Security seamlessly integrate with EndaceProbe’s always-on packet capture to accelerate cyber threat response and network performance

AUSTIN, Texas & AUCKLAND, New Zealand–(BUSINESS WIRE)–Packet Capture authority Endace announced today a technical partnership with leading SIEM and observability platform provider Elastic. The partnership brings together the EndaceProbe™ Scalable Hybrid Cloud Packet Capture, Elastic™ Stack and Elastic™ Security, and provides the packet-level network visibility and detailed network metadata that Security and IT teams need when responding to security threats and network or application performance issues.

EndaceProbes can record weeks or months of full packet capture across hybrid cloud networks to provide a complete and accurate record of all network activity. The detailed packet data captured by EndaceProbe is a perfect complement to the rich logs and metadata captured by Elastic Stack.

In addition, EndaceProbe appliances can host EndaceFlow™, which generates extremely high-fidelity NetFlow data at full line rate. This NetFlow data can be ingested by Elastic Stack to provide detailed metadata for monitoring the security and performance of the network and interrogating network activity.

By combining Endace and Elastic Stack, organizations gain accurate, highly detailed visibility into both real-time and historical network activity. Security and IT analysts can search network metadata in Elastic, and quickly pivot to full packet data for forensic investigations when they need to. The result is faster, more accurate incident investigation and resolution.

Pre-built integration between EndaceProbes and Elastic Stack enables streamlined investigation workflows. Analysts can click on alerts in the Elastic UI to go directly to the related full packet data recorded by EndaceProbe. Analysts can quickly view traffic right down to individual packet level to see precisely what occurred before, during and after any event, with absolute certainty.

“The combination of the Elastic Stack and EndaceProbe gives Cybersecurity and IT teams the ability to see exactly what’s happening on their network in real-time. And when they need to go back in time to investigate any incident they have a complete record of that activity at their fingertips,” said Cary Wright, Endace VP Product. “The ability to pivot from anomalies or security alerts directly to forensic examination of packet-level data lets analysts see exactly what’s happening. They can quickly respond to incidents and dramatically mitigate threat risk to their organizations.”

The Endace Fusion Partner program provides pre-built integrations between industry-leading solutions and EndaceProbe’s powerful API to give Security and IT teams the reliable evidence they need to protect their networks from cyber threats and performance issues. For more information, please visit www.endace.com/fusion-partners.

Additional Resources:

• Watch a short demo or download the Endace Elastic Solution Brief here: https://www.endace.com/elastic-security
• Connect with Endace
• Follow Endace on X, LinkedIn, and YouTube

About Endace:

Endace specializes in high-speed, scalable packet capture for cybersecurity, network and application performance. The open EndaceProbe Analytics Platform lets customers record a 100% accurate, packet-level history of activity across their hybrid cloud network. EndaceProbe appliances can also host network security and performance monitoring tools that need to analyze real-time or historical traffic in on-premise locations. Endace’s Fusion Partners provide pre-built integration with the EndaceProbe platform to accelerate and streamline incident investigation and resolution. www.endace.com.

Contacts

Email: pr@endace.com

Phone:

Mark Evans, mobile +64-21-494 850 – New Zealand / APAC

Kimber Smith-Fidler, mobile +1 775 298 5260 – USA / North America

Leah Jones (The CommsCo) +44 203 697 6680 – UK / EMEA