Endgame provides a cyber operations platform supporting the detection, exploitation, and mitigation of cyber-threats. Endgame was started by executives from ISS (Internet Security Systems).

Endgame
Blog Post
  • Since 2013, the Worldwide Threat Assessment of the U.S. Intelligence Community has listed the cyber threat as the number one national security and economic security threat. From interference in global elections to critical infrastructure attacks to compromising worldwide banking systems, adversaries increasingly pursue digital means to achieve various objectives, including espionage, financial gai...

  • After six years of coordinated cyber attacks and data theft, the U.S. Department of Justice (DoJ) issued indictments yesterday against three members of the Chinese threat group known as APT 3 or Gothic Panda. The indictments specifically address data theft and corporate espionage against Siemens, Moody’s Analytics, and Trimble, a company that develops navigation satellite systems.  These indictmen...

  • When WannaCry ransomware paralyzed and created chaos throughout Britain’s National Health System earlier this year, it became abundantly clear that hospitals and healthcare providers are not immune to opportunistic or targeted attacks. As targeted attacks continue to rise, endpoints and servers that access electronic personal health information (ePHI) and electronic medical record (EMR) are prime ...

  • Last week, Endgame CEO Nate Fick and The New York Times reporter Nicole Perlroth discussed the future of cyberwar and its impact on national security at the Computer History Museum in Mountain View, CA. The conversation ranged from the asymmetric nature of today’s cyber attacks to the difficulty of attribution to how the US government can successfully deter its enemies in the digital domain. The e...

  • Yesterday, the House Foreign Affairs Committee voted on numerous bills by voice vote. The Cyber Diplomacy Act (CDA) was included in this legislative push. First introduced in September, the Cyber Diplomacy Act has bipartisan support with nine Democrat and six Republican cosponsors. The CDA covers a broad range of issues which together provide the foundation for the U.S. to “work internationally to...

  • Last year, we had that rare opportunity to reflect upon our UI architecture and evaluate whether it would continue to serve us going forward. In the end, we decided to take a fundamentally new approach. Under the new architecture, the UI would now be a client-side application filled with visualizations and complex interactions. Our frontend team critically reviewed our previous UI application to d...

  • Malware authors frequently add signatures from expired or compromised certificates to bypass AV products that don’t validate those signatures correctly. Last week, researchers from the University of Maryland presented evidence that this technique is much more widespread than previously believed. Their research was highlighted at the ACM Conference on Computer and Communications Security and in an ...

  • Today, we released the 2.5 version of the Endgame platform. This new release extends the scope, speed, and simplicity of our platform with new prevention, detection and response, and automated threat hunting capabilities. Our newest features Endgame Resolver™ with Endgame Artemis® enhancements provides analysts with the simplest visual experience and turn by turn guidance to contain and remediate ...

  • Security professionals from academia and industry gather this week in Dayton, OH for the annual National Initiative for Cybersecurity Education (NICE) Conference and Expo.  NICE is a program of the National Institute for Standards and Technology, and focuses on the cybersecurity workforce, education, and training needs of the nation. As part of this conference, I am presenting my research on impro...

  • BadRabbit is the latest auto-propagating ransomware making the rounds and disrupting organizations.  We previously went deep into the technical details.  This post will describe our testing of BadRabbit in the presence of our endpoint protection platform.  I didn’t want to rush to join the pack for self-congratulations along the lines of, “Look, Vendor X would have protected you!” posts and emails...

  • Five years ago, the Strata Conference hosted a panel debating the value of domain expertise versus machine learning skills in data science. The machine learning side won. This debate continues today, not just in data science, but there is frequently news of AI-powered robots on track to replace humans across most industries. In security, this contention generally manifests along the lines of some ...

  • On October 12th, Ukraine’s SBU security service warned of an imminent attack against government and private institutions similar to the NotPetya attack in June. Two months earlier, the SBU made a similar warning, noting that a second wave of attacks could follow if attackers maintained covert, unauthorized privileged access. These warnings seemed to bear fruit yesterday, as a new ransomware varian...

  • Organizations worldwide are facing an onslaught of targeted attacks, or attacks that are uniquely designed and executed against a specific enterprise or government entity. These attacks are 100% successful because they outperform enterprise security programs and outpace vulnerability, patch, and configuration management programs. At the heart of this problem is an outdated attack model implicit in...

  • Over the last few years, macro-based document attacks have been growing in popularity.  With the rising cost of memory corruption based exploitation due to the required level of expertise and resources, attackers understand that they can accomplish similar results by just convincing users to click through a dialog box.  This has consequently led to more and more security vendors adding protections...

  • Every scientist needs a home.   Like most PhD research topics, mine was “special”. It was unique enough to straddle a few research communities, but fit snugly into none.  Because conferences often reflect these “communities”, I considered my “home academic community” for machine learning to be ICML and NIPS.  But, significant signal and image processing themes often didn’t fit there, and so I als...

  • In past blog posts, we shared our approach to hunting for traditional in-memory attacks along with in-depth analysis of many injection techniques. As a follow up to my DerbyCon presentation, this post will investigate an emerging trend of adversaries using .NET-based in-memory techniques to evade detection. I’ll discuss both eventing (real-time) and on-demand based detection strategies of these .N...

  • Following the Equifax breach in early September, in which 143 million records were stolen, The New York Times updated their interactive tool for individuals to comprehend how much of their data has been exposed across a range of breaches. Just a few weeks later, they updated it again following the announcement that the 2013 Yahoo breach impacted three billion accounts. Given the extent of the data...

  • Last night, The Washington Post published an article on Russia’s use of Facebook for micro-targeting. According to the article, last summer Facebook’s cyber experts found evidence of APT 28 setting up fake accounts, including Guccifer 2.0. APT 28 has been linked to Russia, and not only consists of hackers but also media operations that can be carried out simultaneously. This is just the latest exa...

  • Over the past few years, we have published numerous posts on the benefits and challenges of machine learning in infosec in an effort to help fellow practitioners and customers separate hype from the reality. We also believe contributing to the larger open source community is an essential component of this outreach.  In conjunction with Black Hat, DefCon and BSidesLV, we have released two GitHub re...

  • Financially motivated cyber attacks occur on a daily basis, often via ransomware but often through direct and aggressive targeting of organizations both in and out of the financial sector. Attackers delivering ransomware can and do make significant sums of money doing so - after all, that’s why they do it - but targeting specific institutions directly has also proven extremely profitable. For inst...

  • Author: David Murray, Chief Business Development Officer, Corvil. The time of solely providing a constant stream of security alerts is over. It has gone the way of the buggy whip, the mullet, and the virtual moat (firewall) or physical moat as the primary line of defense! Unlike the mullet, there is no party in the back for security analysts today. There is too much for analysts to manage – t...

  • Process injection is a widespread defense evasion technique employed often within malware and fileless adversary tradecraft, and entails running custom code within the address space of another process. Process injection improves stealth, and some techniques also achieve persistence. Although there are numerous process injection techniques, in this blog I present ten techniques seen in the wild tha...

  • In our last post, we highlighted the design challenges we faced creating a chatbot for the security space. While the design considerations pose a significant challenge, equally daunting is building something that actually “understands” the end user. For instance, the banner graphic above demonstrates the wide gap between query language syntax when searching on endpoints and how a human would actua...

  • Capital One recently hosted the excellent Data Intelligence conference in northern Virginia. As a data scientist working in infosec, it was great to meet so many new people and old friends who were all interested in applying machine learning to diverse fields. I presented an overview of our early research into malware classification titled “Which Model Came Hot and Fresh Out the Kitchen in our Mal...

  • Throughout the day, news spread of a ransomware attack hitting Europe and Russia, before making its way into the United States. By one estimate, it has already impacted tens of thousands of computers, including pharmaceutical giant Merck, Russian oil company Rosneft, Danish shipping company AP Moller-Maersk, and a Ukrainian company responsible for monitoring Chernobyl’s radiation system. Today’s rans...
