New endpoint protection offers instant detection and response to unknown threats
Traditional endpoint protection is usually reliant on the use of signature-based detection systems. But of course these don't spot zero day attacks that can slip in before the antivirus software catches up.
Security solutions provider Endgame is using its extensive experience providing security intelligence and analytics solutions to the US government to offer an enterprise solution focusing on protecting critical infrastructure, enabling customers to detect and respond faster to unknown threats, and preventing damage and loss.
It uses detailed attack-chain analysis to allow enterprise security teams to accelerate detection, investigation, containment and remediation. Endgame Enterprise captures and analyzes the details of an attack, giving incident responders attack-path intelligence and insight into the consequences of cyber threats. Endgame Enterprise features military-grade adversary intelligence and state-of-the-art threat detection algorithms. These are designed to detect zero-day and advanced threats without the use of signatures -- using an inherent ability to detect suspicious behavior.
"Attacks are becoming increasingly sophisticated, but you don't need to have a PhD in computer science to stay one step ahead of them. Companies need to quickly assess the extent and potential impact of relevant incidents, which is where many traditional solutions fail," says Endgame CEO Nate Fick. "Our research on advanced threats, vulnerabilities and attack patterns, and our history protecting some of the nation’s most sensitive national security assets, allows us to understand defenses from the adversary’s perspective. Endgame Enterprise empowers existing security teams to accelerate the investigation and remediation of threats that would otherwise go undetected".
By building a profile of malicious behavior, the software provides advisories to an administrative console, without impacting performance or user experience. Security teams are presented with a comprehensive picture of the attack to support rapid containment and allow remedial action. These advanced visualizations complement forensic tools and help forensic analysts understand, in detail, how a breach occurred and help prevent future occurrences.