Elastic turns $234M Endgame deal into new endpoint protection product
Elastic N.V. today introduced Elastic Endpoint Security, its latest cybersecurity product, which provides protection against hackers for enterprises’ backend infrastructure and employee devices.
The software is based on technology that the company obtained through its acquisition of Endgame Inc. in June. Elastic paid $234 million for the startup, which counted the U.S. Air Force among its customers and had raised over $100 million in funding. Its backers included major Silicon Valley investors such as Kleiner Perkins Caufield & Byers.
Elastic Endpoint Security is a software agent that companies can install on a device much like an antivirus to scan for threats. It detects malware, phishing attempts and so-called fileless attacks that the hijack existing, legitimate programs on a machine to carry out malicious activity. The agent can operate autonomously without sending data to the cloud for analysis, which allows it to spot intrusions even when there’s no internet connection.
Elastic Endpoint Security’s other function is to serve as a data collection tool for a company’s network protection team. It gathers detailed information about suspicious activity that administrators can use to investigate breaches and plan appropriate countermeasures.
That information is beamed up to Elastic’s Elastic SIEM product, another recently launched security tool from the company. It’s a kind of virtual command room for tracking down breaches that enables administrators to look at security data from multiple sources. An analyst could, for example, correlate malware alerts from Elastic Endpoint Security with user and network activity logs.
“Elastic Endpoint Security has dramatically dropped our mean time to remediate from seven days to 30 minutes over legacy antivirus,” Andrew Stokes, the information security officer at Texas A&M University, was quoted by Elastic as saying.
For a company whose core competency isn’t security, Elastic has built up quite an arsenal of network protection features. The publicly traded firm is best known for its Elasticsearch search engine, which helps enterprises make their internal databases easier to navigate. Elastic first launched a push to add security-specific features two years ago, after seeing that network protection teams were using its software to help make sense of the data generated by their threat detection tools.
“Endpoint prevention, detection, and response (EPP + EDR) is a natural expansion to Elastic’s security and agent efforts,” Chief Executive Officer Shay Banon explained when the company announced its purchase of Endgame back in July. “We believe that the ability to both bring another layer of data, as well as expanded threat hunting to the endpoint directly, is a unique value proposition of the combined products.”
Photo: Elastic
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU