Endace and Microsoft Sentinel Team Up for Enhanced Network Security and Faster Incident Response

Endace Integrates with Microsoft Sentinel for Enhanced Network Visibility

AUCKLAND, New Zealand & AUSTIN, Texas—Packet capture leader Endace has announced a new integration between its EndaceProbe appliances and Microsoft Sentinel, a cutting-edge cloud security information and event management (SIEM) solution. This integration empowers NetOps and SecOps teams with one-click access to full packet evidence directly from Microsoft Sentinel, streamlining investigations and providing precise, real-time insights into network security events.

Key benefits of the integration include:

Simplified Investigation Workflows: Microsoft Sentinel’s alerts and playbooks are now complemented with one-click, drill-down access to full packet data captured by EndaceProbe. This accelerates the investigation process and helps security teams respond more efficiently.

Continuous Packet Capture: EndaceProbe can capture and retain weeks or even months of full packet data, covering hybrid, on-premises, and multi-cloud environments. This extensive data repository is invaluable for accurate event reconstruction and threat analysis.

Centralized Management: A single, central console allows users to search and analyze recorded packet data across global networks, all integrated within Microsoft Sentinel. This unified approach enhances operational efficiency and reduces the complexity of managing network data.

Deep Network Visibility: Teams gain a clear, packet-level view of network activity, providing detailed insights into what transpired before, during, and after any event. This granular visibility is crucial for identifying and mitigating threats.

Zero-Day Threat Validation: The integration enables the validation of zero-day threats by replaying recorded network traffic, ensuring that unknown vulnerabilities are detected and addressed promptly.

Faster Incident Resolution: The combination of EndaceProbe’s centralized search capabilities and Microsoft Sentinel’s AI-driven SIEM enables quicker and more effective incident investigation and resolution.

Military-grade security is a hallmark of EndaceProbes, which are FIPS 140-3 compliant and listed on the DoDIIN APL. These appliances meet rigorous standards, making them a trusted solution for highly regulated environments.

“Deep visibility into network activity is crucial for effective incident response, whether dealing with cybersecurity events, service outages, or performance issues,” said Cary Wright, VP Product at Endace. “One-click access to EndaceProbe’s recorded packet data directly from Microsoft Sentinel provides incident responders with exact, timestamped evidence of what transpired, allowing them to act with confidence.”

“Microsoft Sentinel’s advanced machine learning capabilities help reduce noise and uncover sophisticated threats, while EndaceProbes offer a comprehensive, packet-level record of network history,” added Wright. “Integrating these two solutions gives SecOps teams the seamless access to definitive evidence needed to manage the most serious network threats.”

Next week, Endace will be showcasing its EndaceProbe and EndaceProbe Cloud solutions at RSAC™ 2025 (booth N-5176). Additionally, Endace is securing the SoC @ RSAC™ by equipping and operating it. For more information on Endace’s presence at RSAC™, visit https://www2.endace.com/rsa-2025-resources-lp.

About Endace

Endace provides scalable, always-on packet capture solutions that deliver deep visibility for Network Operations and Security teams. EndaceProbes enable enterprise-level packet sniffing in on-premises, public, and private cloud environments, offering rapid, centralized search and one-click access to full pcap data. This integration supports a wide range of leading security and performance solutions, including Microsoft, Palo Alto Networks, Fortinet, Cisco, Splunk, and Elastic. By analyzing network traffic through a single, unified console, teams can achieve total hybrid cloud visibility. Capture every packet, see every threat, and ensure fast, accurate incident investigation with rich forensic evidence at your fingertips. For more details, visit www.endace.com.

All trademarks mentioned herein belong to their respective owners.
