EnCase® Endpoint Security

Earlier Detection, Faster Decisions and Unprecedented Threat Response.


OpenText™ EnCase™ Endpoint Security CE 21.1

EnCase Endpoint Security CE 21.1 delivers additional out-of-the-box detection rules aligned to the latest MITRE ATT&CK framework, to help customers detect anomalies, including those resulting from the recent SolarWinds mega breach.

Now available on Microsoft’s Azure Marketplace, EnCase Endpoint Security CE 21.1 provides security teams with 360-degree visibility to validate, analyze, scope and respond to incidents originating or involving Microsoft Azure endpoints quickly and completely.


The only 360° visibility into the endpoint


Security teams have been battling to stay ahead of the curve, but without deep and trusted visibility into your endpoints, we're expending more effort than reward. EnCase Endpoint Security enables you with:

Earlier Detection

Earlier Detection of elusive risks, threats and anomalous activity unique to your organization, reducing your mean-time-to-discovery.

Faster Decisions

With time-critical endpoint telemetry, you can validate or dismiss security events as they happen, eliminate the chance of missing that critical alert and ensure continual return from security investments.

Forensic-Grade Response

Single, flexible platform that delivers automated and on-demand response, simplifies workflow and readily returns your endpoints to a trusted state.

EnCase® Endpoint Security

EnCase Endpoint Security Dashboard UI

the User Experience

A completely redesigned user interface that is deliberate and intended to enhance the security users’ end-to-end experience

Simplified workflows help security analysts and incident responders get started immediately with less training

Intuitive dashboards help quickly prioritize alerts and make evidence-based decisions to investigate or remediate threats

Request Demo
EnCase Endpoint Security Events UI

Raising the Bar with Detection & Response

Newly integrated threat intelligence instantly analyzes and responds to would-be threats

Conditional threat detection capabilities quickly identify suspicious artifacts to verify potential intrusions

Real-time continuous monitoring of endpoint activities greatly improves security incident response

Provides deep visibility into almost every imaginable forensic artifacts on any given endpoint throughout your enterprise

EnCase Endpoint Security Investigation Details UI

Automation all day, Everyday

Enriched and contextualized endpoint data, reported as Threat Scores, allow users to quickly focus on suspicious activities without analyzing all telemetry

Process tree visualizations provide the means to quickly ascertain process relationships without the need for a deep dive

Distributed IOC searching and enhanced endpoint processing for faster performance and scalability

Create events, collect endpoint data, initiate scans, remediate, and more from third party security tools using open APIs


Ready to Talk?

Let us answer your questions or schedule a demo.