Endace Rewrites the Rules of Packet Capture

AUCKLAND, New Zealand & AUSTIN, Texas--(BUSINESS WIRE)--Endace, the packet capture authority, today announced the release of OSm 7.3, a major new software update that makes network packet data faster, more affordable, and more user friendly.

Packets Without the Wait: 50X Faster Search, API-Driven Automation, and Instant Forensics

With threats evolving at unprecedented speed and regulations like DORA, GDPR, HIPAA, and PCI-DSS requiring organizations to maintain detailed network forensics capabilities, packet-level network visibility is increasingly recognized as the gold standard for network security and troubleshooting.

However, for many organizations, packet capture is being recognized as the bedrock evidential data required to solve increasingly difficult security and network problems. EndaceProbes play a central role in making that data easier to access and use across security and network teams. OSm 7.3 is designed to make packet capture even more universal, providing instant access to deep network intelligence that can be seamlessly integrated into automated security workflows.

"We are at a critical moment where teams are realising the value of packet capture as a tool they use every day," said Stuart Wilson, CEO of Endace. "The regulatory environment demands it, the threat landscape requires it, and now the technology makes it practical for every organization. With OSm 7.3, we are delivering on our vision to make the most comprehensive network visibility not just powerful, but truly immediate, scalable, and affordable; Security teams can focus on threats rather than fighting their tools."

Key Innovations in OSm 7.3: SOC-Tested and Industry-Driven

OSm 7.3 was influenced by industry feedback and Endace’s experience operating five Security Operations Center events over the past year.

1. Revolutionary Search Performance: 50X Speed Improvement

OSm 7.3 introduces a fundamentally re-architected search capability that delivers results up to 50 times faster than the previous generation, itself already well ahead of competitive solutions.

• From minutes to seconds: Queries that previously took 45-60 seconds now return results in 1-2 seconds
• Instant user experience: The EndaceVision interface now displays search results and metadata nearly instantaneously, eliminating progress bars and wait times
• Competitive advantage: While competitors measure search performance in tens of minutes, Endace now operates at sub-second speeds for most common queries

2. Vault REST API: Automation-Ready Packet Intelligence

The new Vault REST API represents a fundamental shift in how packet data integrates with modern security operations. This capability was designed based on real-world experience operating Security Operations Centers with leading vendors including Cisco, Splunk and Palo Alto Networks.

What the Vault REST API delivers:

• Important evidence preservation: Security tools request the Vault REST API to mine and archive packet data in the background, ensuring important evidence is curated, attached to the incident work log, and available when analysts need it
• Comprehensive forensic data: Returns raw packets, reassembled files extracted from traffic, Zeek logs, and visualization data showing network context
• Intelligent archiving: Automatically stores retrieved data in secondary "vault" storage, ensuring key evidence is preserved for as long as it’s required
• Populate worklogs and evidence boards: Ensures that analysts have instant access to important evidence from within their incident response workflow by attaching the evidence to the incident in the SIEM, SOAR, or xDR system.

"We watched security teams work with our technology alongside tools from Cisco, Palo Alto, and other leading vendors,” said Cary Wright, VP of Products at Endace. “Building on what we learned, the Vault REST API makes packet intelligence a native component of automated security workflows rather than a manual fallback option. When access is fast and flexible, packet evidence becomes an invaluable part of everyday security operations, dramatically accelerating incident investigation and response and improving detection.”

Availability

OSm 7.3 is available for download now from the Endace Support Portal. All EndaceProbe models, InvestigationManager, and Central Management Server platforms support the update.

About Endace

Endace’s scalable, always-on packet capture gives Network Operations and Security teams the deep visibility they need for fast, accurate incident investigation with rich forensic evidence at their fingertips from all their tools. EndaceProbes provide enterprise-class packet sniffing in on-prem, public and private cloud environments, with rapid, centralized search and one-click access to full pcap data from leading security and performance solutions (including Microsoft, Palo Alto Networks, Fortinet, Cisco, Splunk, Elastic, and many others). Analyze network traffic using a single, unified console across all on-prem, private, or public cloud infrastructure for total hybrid cloud visibility. Capture every packet. See every threat. www.endace.com