TECHNOLOGY ALLIANCE PARTNERS

We have relationships with leading technology partners that will integrate with our powerful security and investigative solutions to help you maximize your total investment.

Become a Partner

Types

Products

Box

Type:
Data Repositories

The first e-discovery solution for cloud-hosted data. Box-enabled EnCase eDiscovery allows you to include your Box-hosted data in the scope of electronic discovery request.

Cisco

Type:
Threat Intelligence

Threats encountered in a security environment are passed to Cisco AMP Threat Grid threat intelligence for reputation checking, threat scoring, and malware analysis. If the enriched data validates a threat, it can be then passed back to EnCase Endpoint Security for forensic remediation.

Learn More

Cisco

Type:
Alert Response

Users of the Cisco Next Generation Intrusion Prevention System can leverage EnCase Endpoint Security to process incoming alerts by capturing relevant endpoint data that will triage & validate true positive alerts, reduce false positives, and definitively respond to encountered threats.

Demisto

Type:
IR Automation

EnCase facilitates complex IR functionality and capabilities for security teams that can be managed and automated through the Demisto orchestration console.

Dropbox

Type:
Data Repositories

Enable defensible search and the ability to collect and preserve electronically stored information (ESI) in Dropbox for Business accounts through integration with EnCase eDiscovery. EnCase eDiscovery makes it possible to respond to litigation, arbitration, and regulatory investigations while keeping relevant ESI in check.

FireEye

Type:
Alert Response

Users of FireEye for APT Sandboxing can leverage EnCase Endpoint Security to process incoming alerts by capturing relevant endpoint data that will triage & validate true positive alerts, reduce false positives, and definitively respond to encountered threats.

HPE

Type:
Alert Response

Users of HPE Arcsight for security information and event management can leverage EnCase Endpoint Security to process incoming alerts by capturing relevant endpoint data that will triage & validate true positive alerts, reduce false positives, and definitively respond to encountered threats.

Learn More

IBM

Type:
Alert Response

Users of IBM QRadar for security information and event management can leverage EnCase Endpoint Security to process incoming alerts by capturing relevant endpoint data that will triage & validate true positive alerts, reduce false positives, and definitively respond to encountered threats.

Intel Security

Type:
Agent Management

The EnCase Agent can be managed using the Intel ePolicy Administrator for deployment and administration.

Lastline

Type:
Threat Intelligence

Threats encountered in a security environment are passed to Lastline threat intelligence for reputation checking and threat scoring. If the enriched data validates a threat, it can be then passed back to EnCase Endpoint Security for forensic remediation.

Palo Alto Networks

Type:
Alert Response

Users of Palo Alto Wildfire for APT detection and sandboxing can leverage EnCase Endpoint Security to process incoming alerts by capturing relevant endpoint data that will triage & validate true positive alerts, reduce false positives, and definitively respond to encountered threats.

Project VIC

Type:
Forensic Investigation
Product:
EnCase Forensic

With EnCase Forensic’s integration to Project VIC, an ever growing hash library of known victims of child exploitation, you will be able to identify known victims faster, allowing you to focus your efforts on finding any unknown victims of abuse. Additionally, with this integration you can contribute your findings to Project VIC, helping all forensic examiners improve their ability to identify victims of child exploitation.

Learn More

Relativity

Type:
E-Discovery

The ability to leverage solutions across multiple stages of the e-discovery process is critical for organizations looking to achieve efficiency with ever-increasing caseloads. The integration between EnCase eDiscovery and Relativity ensures e-discovery teams will be able to work with and move their data more quickly and intelligently.

Learn More

Splunk

Type:
Alert Response

Users of Splunk Enterprise for operational intelligence can leverage EnCase Endpoint Security to process incoming alerts by capturing relevant endpoint data that will triage & validate true positive alerts, reduce false positives, and definitively respond to encountered threats.

Learn More

STIX

Type:
Open-Source Tools

EnCase Endpoint Security ingests IOC’s from STIX to locate potential threats existing in a security environment.

Swimlane

Type:
IR Automation

EnCase facilitates complex IR functionality and capabilities for security teams that can be managed and automated through the Swimlane orchestration console.

Symantec

Type:
Alert Response

Users of the Symantec (formerly Blue Coat) Security Analytics Platform can leverage EnCase Endpoint Security to process incoming alerts by capturing relevant endpoint data that will triage & validate true positive alerts, reduce false positives, and definitively respond to encountered threats.

Learn More

VirusTotal

Type:
Threat Intelligence

Users benefit from VirusTotal’s massive threat intelligence database, allowing Endpoint Security users to pull file reputation and other threat intel into investigations during response.

YARA

Type:
Open-Source Tools

EnCase Endpoint Security ingests YARA rules to locate potential indicators of compromise in a security environment.