CounterTack Sentinel gives you the actionable security data you need, when you need it most and how you want to see it. So you can respond to the most pressing threats.
The CounterTack Sentinel Management Console is fundamentally built on “search,” making filtering, searching and grouping endpoints for customizable views easy to visualize – quickly and effectively – the data that matters, at scale.
When you know your environment and your organization's risk tolerance, you are ready for Sentinel. Sentinel gives operators the ability to customize intelligence through Smart Groups.
The creation of Smart Groups allows organizations to configure specific endpoint groupings to map to specific business concerns, or even integrate into incident response workflows. Smart groups let teams manage critical endpoint groupings automatically, removing the need to manually monitor activity on singular or smaller populations of endpoints.
Searching across endpoints running on your network helps teams sort endpoint data to filter results per endpoint, if necessary. The information maps to the management-level data in the Intelligence view, providing threat profile detection, threat impact, IP addresses impacted, linked behaviors and time-stamped logging.
Behavioral filtering helps teams visualize activity from the behavior level. Operators experience no gap in search results compared to the Intelligence view. However, customers are able to visualize all the behaviors collected as they correlate with events on endpoints based on search criteria.
Searching by event in the event dashboard provides a detailed view of the conditions present in those events. Once users sort by event type, Sentinel presents the correlations to those behaviors, the sources, and the intended targets of the attack as they relate to event types searched, for a customized view.