CounterTack Sentinel Intelligence

Are you capturing context, or just collecting more data points?

CounterTack Sentinel produces an unprecedented level of actionable endpoint intelligence for security teams to gain definitive control over infected workstations and servers.

For an optimal level of visibility and context around endpoint behavior, teams can view real-time endpoint activity, sorting by specific endpoints, processes, behaviors and objects. 

Sentinel Analytics

Endpoints

The endpoint dashboard in the Sentinel Intelligence view provides a management-level view of the endpoints concurrently running on your system, their threat classifications and the threat impact to the OS.

Operators receive a drill-down to better visualize priority endpoints affected by specific threats. This data set includes actionable information on threat profiles, threat impact, IP addresses impacted, linked behaviors and time-stamped logging.

Behaviors

The behaviors dashboard in Sentinel’s Intelligence view delivers a summary of core endpoint activity across running endpoints. The detailed drill-down on behaviors gives operators an entirely new way to look at endpoint infection through a contextual trace on specific behaviors detected.

Sentinel automatically informs the user which threat classifications and behavioral traces remain unresolved so teams can easily visualize the threats that require an immediate response.

Objects

The objects dashboard summarizes file and process activity data to produce an optimized view into OS process and file activity.

The drill-down visualization operators receive from the objects dashboard contributes to better decisions, made more quickly, by showing which running processes are being manipulated as part of broader threats and what type of file activity correlates with high-impact threats.

Events

The events dashboard in the Sentinel Intelligence view produces high-level visibility into the current endpoint state, based on key events and basic events that are impacting workstations and servers across operating systems and customized groupings of endpoints.

The detailed information in the events dashboard is centered around the conditions linked to events Sentinel tracks. The data is organized to help visualize the most pervasively visible key and basic endpoint events for a comprehensive event analysis.