Endace and Corelight Partnership Delivers Comprehensive Network Insights for Security Analytics and Rapid Incident Response
February 2021 by Marc Jacob
Endace announced a strategic partnership with Corelight, provider of the industry’s first open network detection and response (NDR) platform, that will provide security teams with rich insights and detailed forensic data that accelerate the process of detecting, analyzing and responding to network security threats.
Corelight sensors produce rich, protocol-specific logs for incident response and threat-hunting workflows within any SIEM. When integrated with EndaceProbe™ Analytics Platforms these logs include “Pivot-to-Vision” links which connect SIEM events to the related packet data recorded by the EndaceProbes on the network. Security analysts can quickly investigate incidents from their SIEM using a single click drill-down to analyze recorded network history and investigate a threat event’s packet data in granular detail.
Additionally, Corelight’s Software Sensor can be hosted directly on the EndaceProbe platform in Application Dock™, the EndaceProbe’s powerful analytics hosting environment. This allows joint customers to simplify deployments and extend Corelight sensor coverage by deploying sensors wherever they have an EndaceProbe deployed. New Corelight virtual sensors can be deployed at any time in minutes on EndaceProbe, providing much needed agility in the fight to defend the network.