DEVOPSdigest

Endace announced a new partnership with Micro Focus.

In addition, the companies also announced new integration between ArcSight Enterprise Security Manager and the EndaceProbe Analytics Platform to deliver faster, more accurate response to cybersecurity threats. This integration dramatically reduces the time required for security analysts to respond to cybersecurity threats, at scale.

Micro Focus ArcSight Enterprise Security Manager is a comprehensive real-time threat detection, analysis, workflow, and compliance management platform with powerful data enrichment capabilities. It detects and directs analysts to cybersecurity threats, in real time, helping security operations teams respond quickly to indicators of compromise.

The EndaceProbe Analytics Platform captures, indexes and stores network traffic with 100% accuracy while simultaneously hosting a wide variety of network security and performance monitoring applications in Application Dock, the EndaceProbe’s built-in hosting environment. Hosted applications can analyze recorded traffic in real-time at full line-rate or analyze recorded Network History for back-in-time investigation.

Now, security analysts can go directly from a threat alert in ArcSight Enterprise Security Manager console to the related packet history with a single click, which gives them access to definitive evidence and enables them to prioritize, investigate and respond to the threat quickly and accurately.

Centralizing the management, analysis and reporting of all enterprise security events using ArcSight Enterprise Security Manager reduces threat exposure and gives customers much greater visibility into the threats that their security monitoring solutions detect. Combining this rich security intelligence with the ability to quickly connect threat alerts to the related Network History dramatically increases analyst productivity. This enables faster, more accurate threat response and provides the basis for powerful, proactive threat hunting.

“The integration means Micro Focus customers can establish a consistent, optimized investigation and resolution workflow. Analysts can follow the same triage and investigation process regardless of where a threat was detected or which of the customer’s monitoring solutions detected it,” said Stuart Wilson, CEO, Endace.

“Organizations are continually expressing the need for increased agility when it comes to incident investigation and threat hunting. By bringing our two powerful solutions together, Micro Focus and Endace give customers the capabilities they need to respond quickly and accurately to threats to reduce the risk of serious security breaches,” says Cary Wright, VP Product Management at Endace.

The integration is provided by an easy-to-deploy package which can be downloaded from the Endace Support Portal and is free for Endace and Micro Focus customers. More information about the integration, including a demonstration, is available at endace.com/micro-focus.

The Endace Fusion Program enables market-leading, cybersecurity and network monitoring partners to use EndaceProbe’s API integration and Application Dock VM hosting to connect their solutions directly to Network History. This allows network and security analysts to streamline and automate detection and investigation, choose from industry-leading security and performance solutions, and deliver shared access to a common, authoritative source of network history to all applications and teams that need it.