After meeting the Endgame team and spending a lot of time with them, we are very much aligned on this go-to-market strategy. More so, we are excited for the opportunity to converge the SIEM and endpoint markets to drive a whole new level of collaboration for security teams. We are excited to combine Endgame's endpoint product with our search technology and bring it to market using our unique model that is bottom up, open, community-oriented, and focused on end user success. And we have been making investments in our SIEM efforts and going to market with it using our unique model. We have enhanced our Beats technology to ship many types of data, including security-oriented data with Auditbeat, in ECS format. We have made significant investments in our Elastic Common Schema (ECS) to give users a uniform data modeling framework for any type of data, focused initially on the security space. This is also the power of our bottom up, community-based, go-to-market model and how innovation begins from our users. It has been adopted by the security community as a SIEM and threat-hunting tool long before we made significant efforts in the space because users see search to be a useful experience across any data. The Elastic Stack has been used for a few years now as a place to collect, store and analyze security-oriented data. We are excited to explore this powerful query engine for all types of data in the Elastic Stack, which may be executed either on the endpoint or centrally. Endgame's endpoint product is purpose-built to run on a variety of endpoints, such as Windows, Mac, Linux, and Solaris devices, and using Beats will form a foundation to ship endpoint data into Elasticsearch. Endgame has also developed a powerful language in EQL (Event Query Language), that can be executed on the endpoint, with its results stored in Elasticsearch.
We have also started to see our Beats agents being used more and more beyond just as server-side machines, and being installed on endpoints of many kinds, including workstations. In addition to data collection capabilities, Endgame’s agents provide comprehensive protection against modern attacker techniques. Endgame's endpoint agents fit nicely into this paradigm of agents shipping data as part of the Elastic Stack and its architecture. We have been developing agent-based technology in our Beats product for years now, ranging from network packet capture, to logging, to metrics, and to security (audit). We believe that the ability to both bring another layer of data, as well as expanded threat hunting to the endpoint directly, is a unique value proposition of the combined products. Endpoint protection will be a natural feature in our product line. The Elastic Stack is used for threat hunting by companies across the world, utilizing our unique ability to search across vast amounts of data in the blink of an eye. We are excited that we will be able to provide it as part of our product line upon consummation of the transaction. On top of raw security data that is the foundation of SIEM, EDR and EPP are critical to any company's security posture. With Kibana's real-time visualization, security users would gain access to a whole new level of analysis to help protect their organizations from attacks. Endpoint prevention, detection, and response (EPP + EDR) is a natural expansion to Elastic's security and agent efforts. This data is a gem to store in a powerful search engine like Elasticsearch. It has built-in, enriched security data collection capabilities. Endgame's endpoint product would take that to a whole new level. We have been working on expanding to collect additional security-oriented data, including data from hosts, in the Elastic Common Schema (ECS).
As we make our investments in the SIEM market, a big part of it is in our existing Beats agent-based technology. When we had a chance to meet with the team, we got even more excited by the quality and culture match between the two companies, and how much our product roadmaps were aligned. Endpoints provide a critical source of security data. The product embeds Elasticsearch as its main data store for its alerts and investigation workflows, and is considered one of the best endpoint solutions out there today. We have known about Endgame and its endpoint product for quite some time. We believe that by joining forces, we can bring to market a holistic security product that combines endpoint and SIEM, and is delivered using our unique go-to-market model. We are excited to announce that we have entered into an acquisition agreement to join forces with Endgame, Inc. Introducing Elastic Endpoint Security: We've officially joined forces and announced a new product vision for securing your organizations with the Elastic Stack.