Michael talks to Craig Williams, Director of Talos Outreach, Cisco
By Michael Morris, Director of Global Business Development, Endace
What are the latest threats that Threat Intelligence teams are seeing and what are they recommending as best practices for defending against the latest cybersecurity threats?
You won’t want to miss this episode of the Endace Packet Forensic files as Michael sits down with Craig Williams, Director of Talos Outreach at Cisco.
Craig talks about how threats have been evolving over the last year – particularly during the Covid-19 pandemic – and gives us some insights into recent high-profile security issues. He also shares some advice how you can validate your corporate applications and implement zero-trust policies to reduce your exposure to threats.
Finally, Craig talks through key elements of cyber security infrastructure that can help SOC teams investigate issues and evolve towards proactive threat hunting practices.
Other episodes in the Secure Networks video/audio podcast series are available here.
Last month we announced a partnership with Plixer to provide integration between EndaceProbe™️ Network Recorders and Plixer’s Scrutinizer™️ NetFlow Analytics suite. This leverages Endace Fusion’s API to enable SOC and NOC teams to pivot directly from Scrutinizer alerts to packet-level detail in traffic recorded on EndaceProbes across the network, delivering the detailed data that enables analysts to quickly investigate and establish the root cause of an alert.
We have also joined the Cisco Solution Partner program. This partnership provides customers using Cisco’s Firepower™ Management Console with single-click access to EndaceVision for powerful visualization of network traffic and rapid drill down to recorded network packets using Endace Fusion’s Pivot to Vision and Pivot to Packets API functions.
Are you a Cisco Firepower or Plixer Scrutinizer user?
Contact firstname.lastname@example.org to organize a demo so you can see how this integration can dramatically speed up your investigations.
We’ve all heard that the application is now the network. This paradigm shift moved us from the simple port-based definition of applications that was prevalent up until the end of the last decade, to the more awkward reality that applications are much more complex and no longer conformed to such a simple scheme. For network operators, understanding the applications on the networks was paramount and Endace responded to this by incorporating deep packet inspection (DPI) technology into its EndaceProbeTM Network Recorders in 2012.
Continue reading “User and device attribution comes to EndaceVision: Empowering network and security incident analysis”
We use technology in our everyday lives without a thought of how that content is delivered. We conduct credit card transaction over a smartphone app for taxi fare, and stream live sporting events like the World Series not just to our television sets but to our smartphones, tablets and PCs. We connect to the corporate VPN while in mid-air over the Atlantic with an expectation that it should be seamless.
Innovation in technology continues to propel us forward from the physical to the virtual world. Server, storage and network virtualization, along with the cloud, has made it easier for the workforce and applications to be agile and mobile. Keeping applications and people connected is vital for any businesses to operate and generate revenue streams.
Continue reading “Propelling Applications Forward with Network Visibility and Agility: Ecosystem Member for Cisco ACI”