Endace Packet Forensics Files: Episode #40

Original Entry by : Michael Morris

Michael talks to Chris Greer, Packet Pioneer and Wireshark Guru.

By Michael Morris, Director of Global Business Development, Endace


Michael Morris, Director of Global Business Development, Endace

Threat hunting is a critical cybersecurity activity that is growing in importance and prevalence around the globe.  Are your SOC analysts developing the skills and toolsets they need to enable more efficient and effective threat hunting?  What are the inhibitors your teams face and do you have the right tools and processes in place?

In this episode of the Endace Packet Forensic files, I talk with Chris Greer of Packet Pioneer.

Chris is an experienced protocol analyst and forensics expert. He is a renowned instructor for Wireshark University as well as the host of a popular YouTube channel where he shares insights into threat hunting and demonstrates the importance of understanding how to investigate and resolve issues using packet analysis. In this episode, Chris talks about some of the problems or threats you can only see as part of your incident response investigation processes and workflows if you have access to full packet data.

Finally, Chris highlights some of the gaps that organizations have in their security stacks that make it hard for them to confirm or deny false positives and how to resolve this visibility issue. He offers recommendations for training and suggests how to improve your organization’s threat hunting capability.

Other episodes in the Secure Networks video/audio podcast series are available here. Or listen to the podcast here or on your favorite podcast platform.


Women in technology: Empowering the future

Original Entry by : Marjo Montejo

By Marjo Montejo, Staff Software Engineer, Endace

Women have had a significant role in the growth of technology over time. For example, Ada Lovelace created an algorithm for Charles Babbage’s Analytical Engine which is considered to be one of history’s first computers ever made-and she did this back when women weren’t even allowed into engineering school! Women are also underrepresented today as well; only 27% work within tech fields related jobs – a problem that needs solving.

Growing up, I never really considered a career in technology. It wasn’t until I was older that I realized the impact that technology has on our world. From the way we communicate to the way we live and work, technology is everywhere. And it’s only going to become more and more integral to our lives in the future.

I’m grateful that I ended up working in the technology industry. It’s been a great way to grow and develop professionally. And I love the work flexibility that allows me to have a healthy work-life balance. This flexibility allows me to pursue my hobbies and personal interests, such as enjoying New Zealand’s great outdoors and spending time with my family.

I appreciate the fact that Endace is a company that is doing its bit to promote gender diversity in the workplace. And I think the Endace Scholarship for Women in Technology is certainly pointing in the right direction. By empowering women to enter into and succeed in tech careers, we’re helping to build a brighter future for us all.

So, if you’re considering a career in technology, don’t be afraid to go for it. With hard work and dedication, you can achieve anything you set your mind to. And who knows? You might just end up changing the world.

The Scholarship consists of two $10,000 scholarships per year, for three years, for women enrolled full-time in specific technology degree programs: B CompSc, B CompSc (Honours), or BE (Honours) Software Engineering.

The scholarships also offer the potential for work placement.

Applications are opening on 15 November 2022 and can be made via the University of Waikato, MyWaikato portal. Full eligibility requirements can be found at Waikato.ac.nz

The closing date for applications is February 15th, 2023.


Endace Packet Forensics Files: Episode #39

Original Entry by : Michael Morris

Michael talks to Justin Fier, VP of Tactical Risk and Response, Darktrace.

By Michael Morris, Director of Global Business Development, Endace


Michael Morris, Director of Global Business Development, Endace

In the current era of extreme geopolitical instability, focus is intensifying on potential nation-state cyberthreats and how governments can defend against nation-states and cyber mercenaries. The increasing threat of nation-state led or sponsored attacks, combined with the massive potential impact of attacks on critical infrastructure are the stuff of nightmares that keep cyberdefenders up at night.

In this episode, I welcome back Justin Fier, VP Tactical Risk and Response at Darktrace (who was our very first guest in this series almost 40 episodes ago!) to talk about nation-state cyber, where he sees the threats lie, and what organizations can do to better prepare for possible attacks.

Justin talks about some of the great work being done by organizations like CISA, and the signs of increased collaboration between nation state defenders as being positive signs that things are moving in the right direction. But there are also significant challenges. Overcoming the slow pace of organizational change, addressing the dearth of skilled cybersecurity professionals, and building the agility to respond to the constantly evolving threat landscape are all major issues that we need to respond to as an industry – whether that’s in government defense or in securing the enterprise.

Lastly, Justin discusses what we need to do to better defend against nation-state and nation-state-sponsored attackers, and puts on his forecasting hat to predict what’s he sees as the most likely threats security teams should focus on over the next year or two.

Other episodes in the Secure Networks video/audio podcast series are available here. Or listen to the podcast here or on your favorite podcast platform.


Endace Packet Forensics Files: Episode #38

Original Entry by : Michael Morris

Michael talks to Hakan Holmgren, EVP of Sales, Cubro

By Michael Morris, Director of Global Business Development, Endace


Michael Morris, Director of Global Business Development, Endace

As data growth accelerates and distributed workloads increase, enterprises are prioritising cost efficiency and space minimization in modern datacenters. They are looking to leverage new technologies and use smaller, more cost-efficient appliances to reduce cost and improve efficiency.

By architecting infrastructure to prioritize stability and robustness and focusing on reducing carbon footprint, organizations can dramatically reduce power, storage and cooling requirements while also improving efficiency. A win-win outcome.

In this podcast, Hakan Holmgren, EVP Sales at Cubro, talks about how new technologies like Intel barefoot ASICs can accelerate packet processing for cloud datacenters and edge deployments and enable consolidation of infrastructure to reduce cost and minimize environmental impact.

Other episodes in the Secure Networks video/audio podcast series are available here.


Diversity and Inclusion: measuring our success

Original Entry by : Katrina Schollum

By Katrina Schollum, People Partner, Endace


We have been progressively working on a culture of belonging through building awareness of Diversity and Inclusion (D&I) in our organization.  Led by our D&I Committee, our series of initiatives in our four focus areas of gender, ability, ethnicity and generational diversity have been implemented over time and we are proud of what we have achieved.

As part of our ongoing commitment to continuous improvement, we have taken steps to measure and report on what we have accomplished so far.  As part of the measurement, we conduct online surveys to ensure we are delivering initiatives that have a positive and constructive impact at Endace.  We recently completed a short survey that was sent to all of our team members and completed anonymously.  The results were collated and shared internally.

What was measured?

We asked about past initiatives and their efficacy to identify what changes, if any, were observed – from the level of understanding of D&I issues, to increased discussion about D&I.  We also wanted to gauge the feeling of comfort and belonging at Endace and measure whether there was any change since introducing our D&I initiatives.

One of the sets of questions was the same as a previous survey conducted 18 months ago.  These questions had a scale from strongly agree to strongly disagree.  This meant we could compare and contrast results and see what, if any, shift had occurred.

Our hardworking Diversity & Inclusion Committee.

What did we find?

We found that interactive and personal initiatives have been the most popular with our team.  Our most popular activity was our Diwali Decoration Competition, followed by our name pronunciation video featuring members of our global team.  At Endace, we like to learn by doing. So having interactive initiatives is a great way for us to build awareness.

A majority of our participants felt they have a greater understanding of D&I at Endace and have seen positive change, with 66% being able to say a definitive yes a fantastic result!  Participants also agreed that our initiatives broke down barriers to creating a stronger feeling of belonging.  The majority of our people at 74% feel comfortable openly talking about diversity at Endace. More conversation on the topic outside of direct communication and activities from the D&I Committee will enhance our progress so we continue to track and measure change on this point.

From our comparison questions, there was a higher percentage of ‘strongly agree’ answers for all questions in this set and 91% of respondents felt Endace respects its individuals and values their differences.  The results overall showed a positive trend in feelings on managerial commitment, fair treatment and a level of comfort speaking up – a great result!  This is shown through a positive uplift in results moving from agree to strongly agree from 18-23%.

While we are delighted with the results, we always can do more with our initiatives to build awareness and break down barriers.  We have a lot in plan at Endace for the coming months and we look forward to sharing in our next update.


Endace Packet Forensics Files: Episode #37

Original Entry by : Michael Morris

Michael talks to Rick Jenssen, VP of Global Operations, Plixer

By Michael Morris, Director of Global Business Development, Endace


Michael Morris, Director of Global Business Development, Endace

Many organizations face challenges maintaining their security posture while dealing with the significant shift towards remote workforces, the dynamic nature of hybrid cloud environments and rapidly growing volumes of interconnected devices.

In short, managing security at scale in highly fluid environments is a daunting challenge. So what can you do to improve your security resiliency?

In this episode of the Endace Packet Forensic files, I talk with Rick Jenssen, VP of Global Operations for Plixer, who shares his experience into building robust security at scale. Rick recommends some best practices to address the common challenges in delivering resilient security in large environments and talks about ways to address the flood of alarms SOC teams face on a daily basis. He suggests a nice, six-step, iterative approach to continually improving your security position.

Finally, Rick reinforces how important the mantra of “practice, practice, practice” is when it comes to preparing your security teams – and the wider organization. Practicing how to investigate, remediate, and respond to potential security breaches makes sure you know what needs to happen in the event of a real crisis and uncovers areas you need to work on to be better prepared.

Other episodes in the Secure Networks video/audio podcast series are available here.


Endace Packet Forensics Files: Episode #36

Original Entry by : Michael Morris

Michael talks to Neil Wilkins, Technical Director EMEA, Garland Technology

By Michael Morris, Director of Global Business Development, Endace


Michael Morris, Director of Global Business Development, Endace

What does it mean to have security at scale?  For large infrastructures with rapid data growth have you maintained or improved your security posture as you have scaled?

In this episode of the Endace Packet Forensic files I talk with Neil Wilkins, Technical Director for EMEA at Garland Technology, who outlines some of the challenges he sees organizations facing when it comes to maintaining security at scale.  He shares some recommendations and best practices to get on the right path to improve security in large environments.

Finally, Neil shares his thoughts on Security Orchestration and Automation Response (SOAR) platforms and how they can help in environments with lots of tools and events and multiple teams trying to manage the cyber security infrastructure. He provides suggestions for rolling out SOAR solutions and highlights some things to avoid to ensure the platform delivers the returns and efficiencies hoped for.

Having a large, dynamic infrastructure doesn’t mean you can’t keep your arms around your security posture, but you need to have processes and tools in place that can scale as you grow and accelerate incident response to keep ahead of growing threat volumes.

Other episodes in the Secure Networks video/audio podcast series are available here.


Amazing people driving personal success at Endace

Original Entry by : Sasha Blair

By Sasha Blair, VP, People and Legal, Endace


People are at the heart of what makes the Endace vision come to life.  Our team applies their knowledge and skills to continually innovate with fast-paced advances in technology.  It is imperative that our people grow within their roles and become drivers of innovation themselves.

People development is key to Endace’s success, and we invest heavily in continuously developing team members’ skills and expertise.

At Endace we have an annual development process that is voluntary and open to all.  Our people are in the driving seat.  They steer their own learning goals since they are the experts in their own career aspirations and motivations.  It’s not about past performance – in fact the development planning is completed prior to our annual achievement review process. The aim of the development planning process is to align individual goals and enhance current roles in preparation for future opportunities and to build new skills.  With input and guidance from business leaders, alignment with the broader business context is considered in the process.

Future career aspirations, capability development and learning opportunities are discussed, and a plan is developed in collaboration with each individual and their manager.  Managers will talk about the evolving needs of the business and how team members might contribute, build on their strengths and develop applicable skills.  The result is a documented action plan in which team members can follow and track their success.

Usama’s Experience

One of our staff Engineers, Usama Malik, spoke about his experience with the development program.

“Endace has always encouraged and supported my personal learning goals, and over the years I’ve had opportunities to explore both technical and managerial development paths. These included training courses (online, in-group and one-to-one), formal assignments and informal tasks within my role.   

Unlike many other companies, at Endace I can set the pace myself depending on my day-to-day schedule and other urgent duties.  I’ve found this flexibility very appealing, especially with learning outcomes and their business impact being evaluated during annual achievement reviews.

My 2021-2022 development plan was particularly rewarding for me.  In previous years I chose development projects within my specific technical domain. However, last year I was able to step out of my comfort zone and work with the wider systems team on projects focused on continuously improving product reliability and performance.  Endace bought new equipment to enable me to analyze hardware at the electrical level and I learned new protocols and broadened my understanding of how state-of-the-art devices work. I collaborated with people from multiple teams – including software, production, operations and customer support.  This cross-functional teamwork yielded excellent results. It has been a win-win situation for everyone, including our customers who reap the benefits of these product improvements.”

Endace’s people development process offers our team members the structure to plan, discuss and execute growth opportunities that build their potential. We have seen excellent commitment, high interest in the program and strong support from managers leading to fantastic results in preparing our people and securing our future.