New platform guards against in-memory endpoint attacks
Cyber attackers know that the weakest point of an organization's security is usually the endpoint, and they'll increasingly try to hide malware's presence from security tools by running it only in memory.
Endpoint security specialist Endgame is releasing an update to its platform that expands coverage of the attacker lifecycle to anticipate innovations.
Today's release enhances in-memory attack detection and malicious persistence detection capabilities, building on Endgame's pre-exploit prevention, signature-less malware detection, early-stage attacker technique detection, and automated investigations.
Endgame can detect all known and unknown techniques used by adversaries to hide in memory. Its patent-pending technology detects in-memory-only adversaries by identifying attack artifacts and automating threat remediation.
The platform also analyses persistence locations and applies enrichments and advanced analytics to detect malicious persistence. Other tools on the market provide incomplete collection of persistent files and are incapable of identifying malicious persistence techniques including COM hijacking and zero-day malware. What used to be an error-prone process, taking security analysts hours or days, can be carried out in minutes with high-confidence detections of malicious activity.
"Advanced adversaries are waging war on the endpoint, and security professionals realize that defensive technologies are not enough to prevent these sophisticated attacks," says Jian Zhen, SVP of product at Endgame. "Endgame provides the earliest prevention, detection and response to disrupt the attack lifecycle without the need for signatures. Our latest platform innovations will uncover the most sophisticated techniques that incumbent tools fail to detect".
You can find out more and request a demo on the Endgame website.