CounterTack Reports 300% Growth Fueled by New Enterprise Capabilities in CounterTack Sentinel Big Data EDR Platform

Year-over-year Q1 growth attributed to enhanced IR capabilities; endpoint threat management workflow and response; better endpoint performance and intelligence

April 21, 2015 - Waltham, MA and San Francisco, CA – CounterTack, the leader in Big Data Endpoint Detection and Response (EDR), today announced new enterprise capabilities built into its flagship platform, CounterTack Sentinel. Sentinel is the only endpoint detection and response (EDR) platform that offers organizations the flexibility, scale and integration necessary to counter escalating unknown endpoint threats, enterprise-wide.

“With year-over-year, Q1 growth exceeding 300%, the latest features, integrations and enhanced capabilities in Sentinel position CounterTack as the clear leader in the EDR category,” said Neal Creighton, CEO, CounterTack. “We’ve architected our Sentinel platform for today’s security teams, so they can execute a continuous, intelligence-based response to sophisticated threats. We’ve responded to customer demand with enhancements across enterprise-level threat detection, endpoint intelligence correlation, performance, workflow and visualization to counter the most sophisticated, unknown threats at the endpoint.”

“As the market continues to shift, enterprise customers are demanding more out of EDR platforms, and CounterTack continues to deliver innovation,” said Aaron Ruby, VP, Product Management, CounterTack. “Sentinel is built to adapt to the specific needs of each enterprise. The proliferation of advanced and targeted endpoint threats requires capabilities available only from CounterTack — real-time data capture that doesn’t adversely impact the enterprise, an analytic view of the enterprise as more than just a collection of individual endpoints, and a scalable platform that allows analysts to explore enterprise intelligence freely. We are providing a truly differentiated offering to meet today’s endpoint security needs.”

Key Enhancements:

Performance:
  • Intelligent collection, making the highest-performing endpoint sensor even faster, with a smaller network footprint.
  • Distributed search engine allows analysts to make historical queries enterprise-wide, accelerating incident response in the case of missed threats and allowing analysts to trace threats to their origins for more complete root cause analysis.

Detection and Intelligence:
  • Enhanced correlation of network interactions via DNS, GeoIP and WHOIS.
  • New behavioral classifications, including identification of attacker attempts to evade detection by injecting code into legitimate processes.
  • New frequency analysis alerts operators in near real-time when a suspicious file is proliferating across the enterprise.
  • New lateral movement detection follows behaviors across multiple endpoints.

Workflow and Visualization:
  • Interactive timelines allow users to easily filter and navigate through historical data.
  • Behavior punch cards quickly reveal the 'anatomy of a hack' and allow analysts of all skill sets to be effective responders.
  • Quick-view profiles for processes allow operators to quickly call up a snapshot of available intelligence on a process without changing views.

Response:
  • Quarantine hosts, individually or in bulk — find endpoints infected with malware and quarantine them all in a single click.

CounterTack will be at the RSA 2015 Conference at Booth 933, South Hall, Moscone Center, San Francisco, CA April 20–23.

### 


About CounterTack

CounterTack is the leading provider of real-time, Big Data endpoint threat detection and response for the enterprise. CounterTack's Sentinel platform provides unprecedented visibility into, and context around, endpoint behavior related to targeted, persistent threats, improving incident response and threat detection enterprise-wide.

Built on Big Data architecture to counter endpoint attacks at scale, and leveraging its stealthware technology for pure behavioral capture on workstations and servers, Sentinel dramatically reduces the impact of advanced attacks in real time, giving teams an opportunity to defend the enterprise before incidents escalate.

2014 Gartner Cool Vendor Report