Endgame provides a cyber operations platform supporting the detection, exploitation, and mitigation of cyber-threats. Endgame was started by executives from ISS (Internet Security Systems).

Wikipedia
Endgame
Endgame
Blog Post
  • Over the last few years, macro-based document attacks have been growing in popularity.  With the rising cost of memory corruption based exploitation due to the required level of expertise and resources, attackers understand that they can accomplish similar results by just convincing users to click through a dialog box.  This has consequently led to more and more security vendors adding protections...

  • Every scientist needs a home.   Like most PhD research topics, mine was “special”. It was unique enough to straddle a few research communities, but fit snugly into none.  Because conferences often reflect these “communities”, I considered my “home academic community” for machine learning to be ICML and NIPS.  But, significant signal and image processing themes often didn’t fit there, and so I als...

  • In past blog posts, we shared our approach to hunting for traditional in-memory attacks along with in-depth analysis of many injection techniques. As a follow up to my DerbyCon presentation, this post will investigate an emerging trend of adversaries using .NET-based in-memory techniques to evade detection. I’ll discuss both eventing (real-time) and on-demand based detection strategies of these .N...

  • Following the Equifax breach in early September, in which 143 million records were stolen, The New York Times updated their interactive tool for individuals to comprehend how much of their data has been exposed across a range of breaches. Just a few weeks later, they updated it again following the announcement that the 2013 Yahoo breach impacted three billion accounts. Given the extent of the data...

  • Last night, The Washington Post published an article on Russia’s use of Facebook for micro-targeting. According to the article, last summer Facebook’s cyber experts found evidence of APT 28 setting up fake accounts, including Guccifer 2.0. APT 28 has been linked to Russia, and not only consists of hackers but also media operations that can be carried out simultaneously. This is just the latest exa...

  • Over the past few years, we have published numerous posts on the benefits and challenges of machine learning in infosec in an effort to help fellow practitioners and customers separate hype from the reality. We also believe contributing to the larger open source community is an essential component of this outreach.  In conjunction with Black Hat, DefCon and BSidesLV, we have released two GitHub re...

  • Financially motivated cyber attacks occur on a daily basis, often via ransomware but often through direct and aggressive targeting of organizations both in and out of the financial sector. Attackers delivering ransomware can and do make significant sums of money doing so - after all, that’s why they do it - but targeting specific institutions directly has also proven extremely profitable. For inst...

  • Author: David Murray, Chief Business Development Officer, Corvil. The time of solely providing a constant stream of security alerts is over. It has gone the way of the buggy whip, the mullet, and the virtual moat (firewall) or physical moat as the primary line of defense! Unlike the mullet, there is no party in the back for security analysts today. There is too much for analysts to manage – t...

  • Process injection is a widespread defense evasion technique employed often within malware and fileless adversary tradecraft, and entails running custom code within the address space of another process. Process injection improves stealth, and some techniques also achieve persistence. Although there are numerous process injection techniques, in this blog I present ten techniques seen in the wild tha...

  • In our last post, we highlighted the design challenges we faced creating a chatbot for the security space. While the design considerations pose a significant challenge, equally daunting is building something that actually “understands” the end user. For instance, the banner graphic above demonstrates the wide gap between query language syntax when searching on endpoints and how a human would actua...

  • Capital One recently hosted the excellent Data Intelligence conference in northern Virginia. As a data scientist working in infosec, it was great to meet so many new people and old friends who were all interested in applying machine learning to diverse fields. I presented an overview of our early research into malware classification titled “Which Model Came Hot and Fresh Out the Kitchen in our Mal...

  • Throughout the day, news spread of a ransomware attack hitting Europe and Russia, before making its way into the United States. By one estimate, it has already impacted tens of thousands of computers, including pharmaceutical giant Merck, Russian oil company Rosneft, Danish shipping company AP Moller-Maersk, and a Ukrainian company responsible for monitoring Chernobyl’s radiation system. Today’s rans...

  • As an industry, security suffers from an inside baseball problem, generally focused on the technical minutiae and failing to translate it to the non-experts. This not only makes security inaccessible to the rest of the population, but it hinders a more holistic perspective on just how quickly the threat landscape is evolving. This strategic perspective is required to ensure both public and private...

  • Threat Hunters are charged with the difficult task of sifting through vast sources of diverse data to pinpoint adversarial activity at any stage in the attack lifecycle. To be successful, hunters must continually hone their subject matter expertise on the latest attacker techniques and detection methods. Memory resident malware, which presents itself in many forms, is an attacker technique that ha...

Endgame
Endgame
Landing Page

New landing page detected.

 