Endace and Cisco in the SoC at RSAC™ 2025

Original Entry by : Endace

Endace and Cisco® are co-sponsors of the SOC at RSAC™ 2025: providing SOC services for the conference, and monitoring traffic on the Moscone wireless network for security threats.

Experts in the SOC will be running Cisco Security Cloud, with Cisco Breach Protection Suite, Cisco User Protection Suite, and Cisco Secure Firewall, and with Splunk Enterprise Security as the SIEM platform. EndaceProbe will provide always-on packet capture, recording network traffic in real time.

As a long-time member of the Cisco Security Technical Alliance, our EndaceProbe Analytics Platform integrates with Cisco Firewall, XDR, Secure Network Analytics and Splunk.

Book a Tour of the SoC at RSAC™ 2025

Tours are offered Tuesday, Wednesday and Thursday at the times listed below, and advance registration is highly recommended. An Expo Pass is all you need to join the tour.

Tour Times:

Tuesday, April 29 – 10:10am, 3:00pm and 4:30pm

Wednesday, April 30 – 10:10am, 3:00pm and 5:00pm

Thursday, May 1 – 10:10am and 1:00pm

Visit Endace’s Booth at RSAC™ 2025

In addition to being in the SoC, the Endace team is also exhibiting at RSAC™ 2025. Come and see us at Booth #5176, located in the North Hall.

We will be showcasing our highly scalable, always-on packet capture solutions for private cloud, public cloud and on-prem environments. Come and find out about:

  • The value of always-on packet capture as a definitive source of evidence
  • Why packets are such a critical source of truth for cybersecurity and network reliability
  • How to integrate definitive packet-level network history into your SoC and NoC teams’ network security tools for faster, more accurate incident forensics.

PLUS

Enter our booth raffle and you could win a pair of Apple Airpods Max headphones (two pairs to be won).

Don’t miss PROTECTED:
The Findings Report from the SOC at RSAC™ 2025.

If you have a full Conference Pass, we encourage you to join Cary Wright, Endace VP Product, Jessica Oppenheimer, Cisco’s Director of Security Operations, and Steve Fink, CTO and CISO at Secure Yeti, as they share security observations from the SoC at RSAC™ 2025.

Every year, this is an extremely popular conference session.

For more blogs in our Endace SOC series, see here:
https://blog.endace.com/tag/soc/


Endace Packet Forensics Files: Episode #35

Original Entry by : Michael Morris

Michael talks to Timothy Wilson-Johnston, Value Chain Security Leader, Cisco

By Michael Morris, Director of Global Business Development, Endace


What did we learn from the recent Log4J 2 vulnerability? How are security holes like this changing the way organizations think about deploying enterprise software solutions?

In this episode of the Endace Packet Forensics Files, Michael Morris talks with Timothy Wilson-Johnston about the Log4J 2 threat and how it is being exploited in the wild.

Timothy shares his thoughts about what Log4J 2 has taught us, and why organizations need to look at the bigger picture:

  • How you can better defend against vulnerabilities of this type
  • Why it’s so important to closely scrutinize solutions that are deployed – and make sure you have visibility into components that might be included with those solutions

Finally, Timothy discusses the importance of evaluating security vs function and why it is critical to have software inspection and validation processes to manage third-party risk to your business. Knowing what your vendors’ standards are and implementing a structured and repeatable process for evaluating vendors and solutions is key to improving security maturity.

 

Other episodes in the Secure Networks video/audio podcast series are available here.


Endace Packet Forensics Files: Episode #24

Original Entry by : Michael Morris

Michael talks to Ajit Thyagarajan, Principal Security Architect for Cisco

By Michael Morris, Director of Global Business Development, Endace


The cybersecurity landscape is constantly changing with new Zero-Day Threats, double-extortion ransomware attacks and continuously evolving phishing techniques. The volume of threats and the pace of change are impacting the way SecOps teams operate and pushing them to find new ways to connect disparate data sources in order to automate processes and improve incident response times.

You won’t want to miss this episode of the Endace Packet Forensics Files as I talk with Ajit Thyagarajan, Principal Security Architect for Cisco, who talks about the challenges security analysts are facing and shares his views and ideas on how to improve their day-to-day operation.

Ajit shares the concept of the Intelligent Telemetry Plane that he and his team at Cisco have been developing. He highlights the value of the provenance of telemetry data and how important bringing different data sources together is to staying ahead of threat actors.

Finally, Ajit shares some ideas about the types of challenges a common telemetry management platform can help solve and what to keep your eyes on over the year ahead when it comes to security threats and cyber defense.

Other episodes in the Secure Networks video/audio podcast series are available here.


Endace Packet Forensics Files: Episode #20

Original Entry by : Michael Morris

Michael talks to Craig Williams, Director of Talos Outreach, Cisco

By Michael Morris, Director of Global Business Development, Endace


What are the latest threats that Threat Intelligence teams are seeing and what are they recommending as best practices for defending against the latest cybersecurity threats?

You won’t want to miss this episode of the Endace Packet Forensics Files as Michael sits down with Craig Williams, Director of Talos Outreach at Cisco.

Craig talks about how threats have been evolving over the last year – particularly during the Covid-19 pandemic – and gives us some insights into recent high-profile security issues. He also shares some advice on how you can validate your corporate applications and implement zero-trust policies to reduce your exposure to threats.

Finally, Craig talks through key elements of cyber security infrastructure that can help SOC teams investigate issues and evolve towards proactive threat hunting practices.

Other episodes in the Secure Networks video/audio podcast series are available here.


New Partners – Plixer and Cisco

Original Entry by : Endace

Last month we announced a partnership with Plixer to provide integration between EndaceProbe™ Network Recorders and Plixer’s Scrutinizer™ NetFlow Analytics suite. This leverages Endace Fusion’s API to enable SOC and NOC teams to pivot directly from Scrutinizer alerts to packet-level detail in traffic recorded on EndaceProbes across the network, delivering the detailed data that enables analysts to quickly investigate and establish the root cause of an alert.

We have also joined the Cisco Solution Partner program. This partnership provides customers using Cisco’s Firepower™ Management Console with single-click access to EndaceVision for powerful visualization of network traffic and rapid drill down to recorded network packets using Endace Fusion’s Pivot to Vision and Pivot to Packets API functions.

Are you a Cisco Firepower or Plixer Scrutinizer user?

Contact sales@endace.com to organize a demo so you can see how this integration can dramatically speed up your investigations.


User and device attribution comes to EndaceVision: Empowering network and security incident analysis

Original Entry by : Barry Shaw

We’ve all heard that the application is now the network. This paradigm shift moved us from the simple port-based definition of applications that was prevalent up until the end of the last decade, to the more awkward reality that applications are much more complex and no longer conform to such a simple scheme. For network operators, understanding the applications on the networks was paramount and Endace responded to this by incorporating deep packet inspection (DPI) technology into its EndaceProbe™ Network Recorders in 2012.



Propelling Applications Forward with Network Visibility and Agility: Ecosystem Member for Cisco ACI

Original Entry by : Rick Trujillo

We use technology in our everyday lives without a thought of how that content is delivered. We conduct credit card transactions over a smartphone app for taxi fare, and stream live sporting events like the World Series not just to our television sets but to our smartphones, tablets and PCs. We connect to the corporate VPN while in mid-air over the Atlantic with an expectation that it should be seamless.

Innovation in technology continues to propel us forward from the physical to the virtual world. Server, storage and network virtualization, along with the cloud, have made it easier for the workforce and applications to be agile and mobile. Keeping applications and people connected is vital for any business to operate and generate revenue streams.
