Endace Packet Forensics Files: Episode #34

Original Entry by : Mark Evans

Michael talks to Rick Peters, CISO Operational Technology, Fortinet

By Michael Morris, Director of Global Business Development, Endace



Increasingly, the security of Operational Technology (OT) – Industrial Control Systems and SCADA – is a major focus of concern. These systems are used in many environments across industries such as manufacturing, transportation, energy, critical infrastructure and many more, and are a juicy target for both sophisticated, nation-state attackers and cybercriminals.

In this episode of the Endace Packet Forensics Files I talk with Rick Peters, CISO Operational Technology at Fortinet. With a long career in engineering and almost four decades in US Intelligence before taking on his role at Fortinet, Rick knows intimately how attackers can target OT systems and has spent many years helping to defend OT systems from cyber attackers.

Rick talks about the importance of being able to trust in OT environments and in their ability to continue to provide safe and continuous business, and about how we can bring some of the discipline that has been developed in IT cyberdefense into the OT environment. He outlines the importance of “consequence-driven strategy” – a deep understanding of the risks and vulnerabilities that a given system presents, coupled with a thorough assessment of the consequences of a successful compromise – as well as the importance of having a well-planned, and tested, response plan that addresses both IT and OT systems.

Rick has some great advice for cybersecurity leaders about where to start building a robust OT security posture and the importance of having IT security and OT security working in parallel. You won’t want to miss this episode!

Other episodes in the Secure Networks video/audio podcast series are available here.


Endace Turns 20!!

Original Entry by : Mark Evans
July was a significant milestone for Endace. We celebrated two whole decades in business and the start of our 21st year!

Read on to find out how we’re marking the occasion …

The Last 20 Years

Back in 2001, when Endace was founded, Russell Crowe (another famous New Zealander) won an Oscar for Gladiator, internet users were dreaming about fast, new 56K modems, Microsoft launched Windows XP, and the first Lord of the Rings movie (The Fellowship of the Ring) was launched. So long ago!

What’s amazing is that in the 20 years since, Endace has continued to work with some of our first ever customers! And many of the original Endace team, including Endace CTO, Stephen Donnelly, are still with us today too.

But much has changed over that time. We’ve seen network speeds increase from the early 10Mbps LAN speeds to today’s backbone speeds of 100Gbps and beyond. Traffic volumes have increased exponentially too with global internet traffic estimated to total 4.8 zettabytes in 2021.

Over the last twenty years, packet capture has gone from being a niche technology predominantly used by telcos, service providers, and governments to what is now a ubiquitous and essential capability for organizations to ensure the security and performance of their critical networks.

Endace has continued to stay ahead of the changes, setting industry benchmarks for performance, capacity and reliability with our multi-award-winning EndaceProbe Analytics Platform. Our technology becomes more and more important every day because of the challenges organizations face in defending against cyber threats and ensuring their critical networks are available 24x7x365.

 

That Endace is still going strong after 20 years is a testament to a really smart team, and the strength of our relationships with our customers and partners. We are extremely grateful for your unwavering support and loyalty. Thank you!

Stuart Wilson, CEO.

A Year of Giving Back

We elected a team of Endace people from around the world to decide how we should celebrate our 20th Anniversary. The universal feedback they received was that everyone wanted to mark the occasion by “giving back” – particularly given the tough times people have been experiencing with Covid around the world.

So charity will form an even bigger part of our focus over the next 12 months than usual. Here are some of the activities the teams have been involved in or are planning:

Endace Corporate Charity

Endace has chosen to support The Glaucoma Foundation by making a corporate donation to support the foundation’s work on glaucoma research and treatment. Given Endace focuses on network visibility we felt working with a global charity that strives to protect human vision was extremely appropriate.

Regional Charities
  • Endace EMEA: continuing a long-term tradition, the EMEA team will be sponsoring MoD Field Gun Run events to raise money for the Dorothy Hospice.
  • Endace North America: the US team is conducting a run/cycle challenge (recording their performances on Strava) to raise money for St Judes Research Hospital which focuses on children’s health.
  • Endace India: the team in India is funding two food carts (donated via the Rotary Club of Chennai) to provide an income for two families in need.
  • Endace Australia: the team in Melbourne leveraged their culinary flair, getting together in the FareShare kitchen to cook food that is distributed to needy families via a wide range of charities.
  • Endace New Zealand: the NZ team is planning to volunteer with Sustainable Coastlines, an environmental charity, on beach-cleanup and tree-planting events to protect New Zealand’s waterways.


Team Celebrations

Endace’s birthday celebrations kicked off with a dinner for the NZ team and VIP guests, including two of the original founders. Appropriately, the dinner was held at the Gallagher Performing Arts Center, back where things all got started – at the University of Waikato.

Each of the Endace teams around the world is conducting celebratory parties in their regions as Covid lockdowns allow.

Here are some of the photos from the UK team’s recent celebration which included completing the Yorkshire Three Peaks challenge to climb the three highest peaks in Yorkshire followed by a well-earned drink and dinner.


We are also capturing photo and video memories from current and ex Endacers, partners and friends, which we’ll continue to share over the next 12 months. Keep a lookout for the #endaceturns20 hashtag on LinkedIn, Twitter and here on the blog.


Endace Back at Black Hat Europe

Original Entry by : Mark Evans

Well it’s that time of year again. It seems like such a short time ago we were at Black Hat USA, and already Black Hat Europe is here again.

Black Hat Europe, taking place from the 3rd to 6th December, brings together more than 2,000 InfoSec professionals for networking, training and briefings. As a silver sponsor and exhibitor at this year’s event, we are looking forward to engaging again with the Black Hat cybersecurity community – including our Fusion partners, and fellow sponsors, Darktrace and Splunk – and seeing what’s new.

Cyber Skills Shortage: the perennial challenge

One of the interesting things about sponsoring Black Hat in different regions is seeing the common themes that emerge.

At Black Hat USA, back in August at Mandalay Bay, Las Vegas, there was much discussion about what we, as an industry, can do to combat the extreme shortage of skilled cyber professionals.

This is perhaps not surprising, given Black Hat’s strong focus on practical skills building, training and workshops. But it was interesting to talk to attendees about the challenges that this shortage of skilled people is causing, and what tools and strategies they’re implementing to help address those challenges.

A key theme was how tools like AI can help to reduce the burden on overworked analysts, leaving them free to focus on high-priority threats, and on proactive, rather than reactive, response. We talked to a number of attendees about why packet capture is such an ideal complement to AI tools because it provides the context that enables security teams to quickly prioritize, investigate and respond to the threats that their AI-based tools detect.

It will be interesting to see what attendees in London have to say about how their companies are addressing the cyber skills shortages in Europe.

What we’ll be talking about

We’ll be talking about our recently launched 9200 Series EndaceProbe Analytics Platform, the world’s first Petabyte Network Recording appliance.

We’ll also be showing how the unique architecture of the EndaceFabric allows customers to connect multiple EndaceProbes together to form single logical stacks of probes with multi-petabyte storage capacity that can monitor high-speed links of 100Gbps and beyond. This “stacking” approach, combined with the breakthrough density and price of the new 9200 Series EndaceProbes, gives organizations the ability to record and store weeks of full packet data.

Come and visit

We’re looking forward to catching up at Black Hat. So if you are attending, do drop in and see us. We’re at Stand 306.


Endace announced as double finalist in 2018 Computing Security Awards and UK IT Industry Awards

Original Entry by : Mark Evans

Computing Security Awards 2018

Our EndaceProbe™ Analytics Platform has been announced as a double finalist in the ‘Network Security Solution of the Year’ and the ‘Enterprise Security Solution of the Year’ categories for the 2018 Computing Security Awards.

The Computing Security Awards started in 2010 to recognize security champions and solutions throughout the UK IT industry. The winners of the awards will be announced on the 11th October at an awards ceremony dinner at the Radisson Blu Edwardian Hotel, London.

You can vote in all categories of the Computing Security Awards, here: http://www.computingsecurityawards.co.uk/?page=csa2018vote. If you can spare a minute to vote, we’d be very grateful for your support!

UK IT Industry Awards 2018

Endace has also been announced as a finalist in the 2018 UK IT Industry Awards in the ‘Security Innovation of the Year’ category.

The UK IT Industry Awards celebrates IT excellence and focuses on the contribution of individuals, projects, organizations and technologies that have excelled in the use, development and deployment of IT in the past 12 months. The award ceremony for the UK IT Industry Awards will take place on the 14th November in Battersea, London.

The EndaceProbe is the industry’s only truly open packet capture platform, allowing both hosting of and integration with commercial, open-source and custom analytics applications.

You can learn more about Endace’s network monitoring products, analytics platform, and network packet history recording solutions here.


Endace at Blackhat USA, 2018

Original Entry by : Mark Evans

Endace is headed to Black Hat USA 2018. Now in its 21st year, this leading information security event provides attendees with the very latest in research, development, trends and solution showcases. The first four days (August 4-7) include intense training for security professionals of all levels, followed by the two-day (August 8-9) main event including the Exhibitor Showcase, briefings, arsenal, and more.

This event is one of our USA team’s favorite events of the year. Security professionals from across the country – and across the globe – converge upon the Sands Convention Center in Las Vegas to learn about the latest tools and trends, and to really network and learn from their peers. Our conversations with attendees are always in-depth, meaningful and a learning experience for everyone involved.

Endace will once again be showcasing our EndaceProbe Analytics Platform at our booth located in the lobby area outside of the hall in location # L5. Over the last year, Endace announced partnerships with a number of leading vendors including BluVector, Cisco, Dynatrace, Idappcom and Plixer. By deploying these analytics solutions on the EndaceProbe Analytics Platform, customers can consolidate hardware to reduce cost and dramatically reduce the time required to install new analytics solutions.

Stop by our booth at L5 and visit with the team. We’ll be giving away great swag!


Endace Team Winners at Cyber Challenge

Original Entry by : Mark Evans

This year’s Cyber Challenge, run by the University of Waikato, attracted a wide range of participants from around the country with participants attending from schools and tertiary institutions as well as industry.

The youngest competitor was just twelve-years-old!

As a longtime sponsor of the event, Endace this year decided to enter three teams in the challenge.

Teams participated in a series of challenges, including capture-the-flag challenges and a drone challenge. Endace team, Team Dark Arts (consisting of Deepak Ramaprasad, Leo Liu and Dr. Andreas Löf) took line honours after Rounds 1 and 2, taking out the prize for the winning team for Rounds 1 and 2.

Team Dark Arts donated their prize to the runners-up after Rounds 1 and 2, Team Arcton (Jeremy Symon and Grady Hooker, another industry team), which then graciously donated the prize to the third-placed team, Team Purple (James Donaldson and Tom Crisp), another industry team.

However, overall glory, and bragging rights for 2018, fell to Team Elliptic Curveballs (Jacob Cheatley, Michael Jang and Logan Krippner – all University of Waikato computer science students). Congratulations guys!

Associate Professor, Dr. Ryan Ko, Head of Cyber Security Lab and Director, New Zealand Institute for Security and Crime Science, said this year’s Cyber Challenge was the toughest yet.

“The standard of competitors keeps getting higher, but we’re also creating more challenging tasks. It speaks well for the future cybersecurity landscape, and the University of Waikato,” Dr. Ko said.

Congratulations to all the participants in this year’s Cyber Challenge, and our thanks to the team at the University of Waikato for hosting the event.

And to all the Endace participants, from all the teams: “well done, you did us proud!”


Another great year at the Hitech Awards

Original Entry by : Mark Evans

As the Crusaders and Hurricanes fought it out on a miserable, cold rainy night in the stadium across the carpark, a crowd of almost 800 people, dressed in their finery, descended on Christchurch’s Horncastle Arena for the 2018 Hitech Awards last week.

The Hitech Awards is the glamour event for New Zealand’s Hitech sector and features a stellar cast of 70 international and national judges judging entries across 13 categories, including our own David Earl.

Diversity was a big focus for the Hitech Trust this year, and it was really pleasing to see so many women represented amongst the finalists. Jen Rutherford, Chairperson of the Hitech Trust, said “The number of finalists with female CEOs has almost doubled year-on-year. Whilst we are not there yet, we are moving in the right direction. Our industry is truly in great shape.”

Endace sponsored the Most Innovative Hi-Tech Hardware Product Award, which was a keenly fought category again this year, with a wide range of products from Ubco’s radical, off-road electric bike to a 3D Bioimaging device from Mars Bioimaging and innovative construction equipment from Calibre Contracting Equipment. The winner of the award was Enatel for its smart, modular charging solutions used to power material handling equipment.

Congratulations to all the finalists and winners. We wish them all the best of luck in their endeavors. And we look forward to seeing what innovative technology will appear at next year’s Hitech Awards.

For those that weren’t able to attend, here’s a highlights reel courtesy of our friends at Swaytech, who organized the event. Great job guys!


Endace partners with BluVector to bring advanced, AI-driven threat detection to the EndaceProbe Platform

Original Entry by : Mark Evans

As cyber threats become increasingly sophisticated, ensuring you’re not subject to a security breach is more important than ever before. That’s why we’re pleased to announce a new partnership with AI-driven network security company, BluVector.

Cortex, BluVector’s next generation, AI-based intrusion detection solution, can now be deployed directly onto our EndaceProbe Analytics Platform. In addition, Cortex integrates with the Network History recorded by EndaceProbes, enabling analysts to go from an alert in the Cortex dashboard directly to the related packets in EndaceVision with a single click.

A security intrusion doesn’t have to lead to a major breach or cyber incident. But detecting, investigating and responding to threats quickly is critical. The combination of BluVector’s state-of-the-art threat detection and Endace’s 100% accurate packet-level evidence means that SecOps teams can investigate, respond to and neutralize intrusions with great efficiency. Information collected from thousands of disparate data sources is analyzed, prioritized and made available instantly to SecOps teams. This allows analysts to quickly understand the severity of threats and minimize them before they have the chance to escalate into a breach.

If you are going to the RSA Conference in San Francisco, both the Endace and BluVector teams will be at Booth 1615, South Expo demonstrating our combined solution. Be sure to visit us to see what our powerful partnership can do for you! If you’d like to find out more, check out our BluVector partner page: endace.com/partners/fusion/bluvector