List of Endace Threat Intelligence Customers
Endace Measurement Systems
Building C, Level 1 602 Great South Road Ellerslie,
Auckland, 1051,
New Zealand
Auckland, 1051,
New Zealand
64 9 582-0360
Professional Services
130
$35M
Since 2010, our global team of researchers has been studying Endace Threat Intelligence customers around the world, aggregating massive amounts of data points that form the basis of our forecast assumptions and perhaps the rise and fall of certain vendors and their products on a quarterly basis.
Each quarter our research team identifies companies that have purchased Endace Threat Intelligence for Threat Modeling from public (Press Releases, Customer References, Testimonials, Case Studies and Success Stories) and proprietary sources, including the customer size, industry, location, implementation status, partner involvement, LOB Key Stakeholders and related IT decision-makers contact details.
Companies using Endace Threat Intelligence for Threat Modeling include: Cisco Systems, a United States based Professional Services organisation with 90400 employees and revenues of $53.80 billion, Defense Information Systems Agency, a United States based Government organisation with 19000 employees and revenues of $11.90 billion, Government Communications H Q, a United Kingdom based Government organisation with 5900 employees and revenues of $4.44 billion and many others.
Contact us if you need a completed and verified list of companies using Endace Threat Intelligence, including the breakdown by industry (21 Verticals), Geography (Region, Country, State, City), Company Size (Revenue, Employees, Asset) and related IT Decision Makers, Key Stakeholders, business and technology executives responsible for the software purchases.
The Endace Threat Intelligence customer wins are being incorporated in our Enterprise Applications Buyer Insight and Technographics Customer Database which has over 100 data fields that detail company usage of software systems and their digital transformation initiatives. Apps Run The World wants to become your No. 1 technographic data source!
Apply Filters For Customers
| Logo | Customer | Industry | Empl. | Revenue | Country | Vendor | Application | Category | When | SI | Insight |
|---|---|---|---|---|---|---|---|---|---|---|---|
 |
Cisco Systems | Professional Services | 90400 | $53.8B | United States | Endace | Endace Threat Intelligence | Threat Modeling | 2025 | n/a |
In 2025, Cisco Systems deployed Endace Threat Intelligence as part of the RSAC 2025 SOC at Moscone Center, implementing the application within a Threat Modeling context to provide always-on packet capture and rapid forensics. The deployment used EndaceProbe appliances to collect full packet streams, Zeek generated logs and metadata, and file reconstruction and rapid search capabilities were configured to surface artifacts for live investigations.
The implementation emphasized packet-forensics and threat-intelligence workflows, with Endace Threat Intelligence configured to reconstruct files from captured traffic and to stream metadata and reconstructed artifacts into downstream systems. Zeek metadata and Endace search indexes were used to accelerate triage, supporting SOC incident response and adversary hunting workflows.
Integrations were explicitly established with Cisco XDR, Splunk and Talos to enable indexed packet-forensics and metadata to be consumed by SIEM and XDR analytics and by Talos threat intelligence pipelines. The architecture centralized packet capture on EndaceProbe appliances while forwarding Zeek logs and file artifacts to Splunk and Cisco XDR for correlation, and to Talos for enrichment, maintaining the end to end linkage between capture, metadata, and investigative tooling.
Operationally the deployment supported SOC incident response and hunting during the RSAC event, and workflows were structured to hand off evidence from Endace packet-forensics into XDR and SIEM casework. The configuration focused on orchestration of capture to search to SIEM/XDR ingestion, enabling faster investigative chaining and continuous threat modeling inside the event SOC environment.
|
 |
Defense Information Systems Agency | Government | 19000 | $11.9B | United States | Endace | Endace Threat Intelligence | Threat Modeling | 2021 | n/a |
In 2021, Defense Information Systems Agency awarded Endace a contract to deploy always on packet capture and a global network history solution to support analysts defending DoD networks in the United States. The deployment centers on Endace Threat Intelligence, classified in the Threat Modeling category, as the core platform for estate wide network history and forensic packet capture.
Endace Threat Intelligence was implemented to provide packet forensics and threat intelligence workflows, including continuous packet capture, indexed historical packet storage, and searchable network history. Configuration emphasizes distributed capture at network aggregation points and centralized index and query services to enable concurrent analyst search and forensic retrieval across captured traffic.
The program explicitly integrates Endace Threat Intelligence with security toolchains to feed forensic evidence into incident investigation workflows, improving analyst handoff between detection and response systems. Operational coverage targets DoD networks in the United States while preserving a global network history capability for retrospective analysis and multi analyst access.
Governance and process changes focused on controlled analyst access to indexed packet repositories, formalizing forensic search procedures and concurrent access policies to support scalable investigations. Reported outcomes include improved forensic search capabilities and scalable concurrent analyst access, aligned to support incident investigation and analyst workflows using Endace Threat Intelligence.
|
 |
Government Communications H Q | Government | 5900 | $4.4B | United Kingdom | Endace | Endace Threat Intelligence | Threat Modeling | 2011 | n/a |
In 2011, Government Communications H Q deployed Endace Threat Intelligence to enable high-speed fiber-optic traffic capture and analysis for intelligence operations in the United Kingdom. Public reporting from leaked documents indicates the purchase and installation occurred around 2010 to 2011 and included Endace systems with custom capture and recording features used for forensic analysis.
The Endace Threat Intelligence implementation focused on packet capture and threat forensics capabilities aligned with the Threat Modeling category, deploying purpose-built capture appliances for continuous high-fidelity packet recording, precise timestamping, and forensic indexing to support post-capture investigation workflows. Configuration work emphasized custom capture and recording features described in public sources, enabling queryable packet archives for investigators to run retrospective analysis.
Architecturally the deployment centered on on-premises Endace capture appliances positioned at fiber-optic network taps to ingest high-speed traffic feeds, providing time-accurate packet records for downstream forensic scrutiny. Operational scope reported covers intelligence operations across the United Kingdom and business functions directly tied to lawful-intercept and forensic investigative workflows.
Reporting infers Endace Threat Intelligence was used to support lawful-intercept authorizations and forensic investigations and that operational controls and investigative processes were required to handle recorded traffic as evidentiary material. The engagement links Government Communications H Q, Endace Threat Intelligence, Threat Modeling and intelligence operations through packet-capture driven forensic intelligence capabilities disclosed in public reporting.
|
Showing 1 to 3 of 3 entries
Buyer Intent: Companies Evaluating Endace Threat Intelligence
ARTW Buyer Intent uncovers actionable customer signals, identifying software buyers actively evaluating Endace Threat Intelligence. Gain ongoing access to real-time prospects and uncover hidden opportunities.
Discover Software Buyers actively Evaluating Enterprise Applications
| Logo | Company | Industry | Employees | Revenue | Country | Evaluated | ||
|---|---|---|---|---|---|---|---|---|
| No data found | ||||||||
FAQ - APPS RUN THE WORLD Endace Threat Intelligence Coverage
Endace Threat Intelligence is a Threat Modeling solution from Endace.
Companies worldwide use Endace Threat Intelligence, from small firms to large enterprises across 21+ industries.
Organizations such as Cisco Systems, Defense Information Systems Agency and Government Communications H Q are recorded users of
Endace Threat Intelligence for Threat Modeling.
Companies using Endace Threat Intelligence are most concentrated in Professional Services and Government, with adoption spanning over 21 industries.
Companies using Endace Threat Intelligence are most concentrated in United States and United Kingdom, with adoption tracked across 195 countries worldwide. This global distribution highlights the popularity of Endace Threat Intelligence across Americas, EMEA, and APAC.
Companies using Endace Threat Intelligence range from small businesses with 0-100 employees - 0%, to mid-sized firms with 101-1,000 employees - 0%, large organizations with 1,001-10,000 employees - 33.33%, and global enterprises with 10,000+ employees - 66.67%.
Customers of Endace Threat Intelligence include firms across all revenue levels — from $0-100M, to $101M-$1B, $1B-$10B, and $10B+ global corporations.
Contact APPS RUN THE WORLD to access the full verified Endace Threat Intelligence customer database with detailed Firmographics such as industry, geography, revenue, and employee breakdowns as well as key decision makers in charge of Threat Modeling.