CounterTack Sentinel Technology

Continuous Response to Persistent Endpoint Threats

CounterTack Sentinel is as much a cybersecurity solution as it is a Big Data platform for endpoint security. Sentinel delivers a best-of-breed endpoint detection and response (EDR) solution to counter advanced threats across the enterprise. Sentinel combines efficient threat detection, data collection and correlation with Big Data technology to scale EDR and counter threats based on unprecedented endpoint intelligence.

Sentinel Intelligence Dashboard

CounterTack Sentinel delivers real-time context into user and attacker behavior across large endpoint environments.

Driverless Sentinel Kernel Module

Sentinel Endpoint Sensor

The Sentinel Endpoint Sensor installs directly on laptop and server endpoints, collecting behavioral data continuously as it monitors the operating system. Attackers and malicious insiders cannot detect the module, which is based on technology that makes it tamper-resistant. This enables pure data collection without impacting system performance or endpoint integrity.

Analysis Cluster

Sentinel Analysis Cluster

The Sentinel Analysis Cluster allows enterprises to monitor endpoints at scale, without performance degradation. Based on Cloudera, Sentinel is the most powerful on-premise EDR platform that delivers enterprise-wide threat correlation. Sentinel is architected with distributed systems in mind, delivering the capability to scale data collection and analysis up and down to meet the demands of sophisticated endpoint environments.

Management Console/Dashboard

Sentinel Management Console

Sentinel's Management Console is architected so operators can intuitively search for broader threat impact across the enterprise and automatically respond with agility and accuracy. Enterprises can manage detected threats whose high severity levels indicate endpoint compromises, and can easily drill down for more visibility into behaviors, objects and processes for a holistic, customized view of their endpoint environment.

Knowledge Library

Sentinel Knowledge Library

The Sentinel Knowledge Library delivers automated threat analysis and intelligence to operators, and ships with a comprehensive set of compromise profiles. Threat indicators automatically identify the threats operators face, based on behavioral analysis or on malware, rootkit and unauthorized insider activity, so that security teams and incident response pros can automatically classify threats in real time and leverage the context to counter them accurately.