Ziften Solution Delivers the Last Mile Network Visibility of Enterprise Endpoints
Ziften, a leading provider of endpoint detection and response solutions, announced today they have joined Lancope’s Technology Partner Program to deliver last mile network visibility of the endpoint, completing the picture of end-user context and attribution on the endpoint for network security professionals.
Zflow™ is the endpoint network data collection feature in Ziften’s solution. Combined with Lancope’s StealthWatch System, the Ziften technology enables enterprises to attain the last-mile network visibility including the context and attribution of who, what, and how endpoint network connections were made. This greatly enables enterprises to improve their security posture and help to protect their reputation.
Lancope, Inc. is a leading provider of network visibility and security intelligence, providing advanced, context-aware security for optimal threat defense. By collecting and analyzing NetFlow, IPFIX and other types of flow data, Lancope’s StealthWatch System helps organizations quickly detect a wide range of attacks from APTs and DDoS to zero-day malware and insider threats.
Ziften’s Zflow™ complements Lancope’s StealthWatch System by providing last mile network visibility into the endpoint. Zflow adds endpoint context and attribution to network data for a side-by-side drilldown of network and corresponding endpoint internal activity from a unified security console. This correlated viewpoint offers enhanced situational assessment including:
- Designation of the responsible endpoint process and its characteristic cryptographic hash value, file path, and version metadata
- Identification of logged-in user with process owner attribution
- Clarifying context around user activity and foreground engagement/disengagement with the responsible application
Dramatic benefits include rapid triage of network security alerts with accelerated early response and critical situational awareness by enterprise security staff. All without the needless delays and disjointed analyses suffered by traditional unlinked toolsets across an endpoint/network security divide.
“We are thrilled to be considered a key partner in the Lancope ecosystem, helping to complete the picture from NetFlow to the endpoint device and deliver the context and attribution necessary to give enterprises truly continuous monitoring and detection combined with big data analytics to identify indicators of compromise for advanced threats”, said Charles Leaver, CEO of Ziften.
“In today’s world of constantly-evolving security threats and attack vectors, collaboration between best-of-breed technology providers is essential for helping customers stay a step ahead of malicious threat actors,” said Christopher Smithee, Business Development Director for Lancope. “We look forward to working with Ziften to provide our joint customers with in-depth security context for protecting their information assets from sophisticated attackers.”
Ziften Open Visibility and intelligence provides a more secure environment by delivering actionable analytics for any user device across the enterprise. Ziften extends existing security, System management, and event monitoring tools. It delivers crucial open intelligence of any enterprise endpoint, enabling you to run your business in a more efficient, intelligent, and secure manner.
For more information visit http://www.ziften.com