Gives Customers Powerful, Lightweight Endpoint Threat Detection and Remediation; Enterprise-wide Management; Improved Incident Response Workflow and Correlation
Waltham, MA, October 20, 2014 – CounterTack, a pioneer in delivering real-time endpoint threat detection, context and visibility around targeted attacks, today announced the general availability of its new version of CounterTack Sentinel. Sentinel is now the only endpoint detection and response (EDR) platform that offers security teams the flexibility, scale and integration necessary to take back control of security on a global scale.
The latest release sets Sentinel apart in the EDR category and features an expanded capability set, architected for today’s security teams to execute a continuous detection, response and remediation workflow across the enterprise.
As attacks continue to proliferate in enterprise systems, teams will benefit from the latest enhancements in Sentinel’s kernel module data collection capability, so responders can detect broader threats and behaviors on endpoints, including those posed by removable media devices. Sentinel is the only EDR solution that combines stealth intelligence capture with a powerful suite of containment capabilities that perform at scale - while remaining lightweight, with no user or endpoint performance impact.
“As vendors rush to jump into the EDR space, dissolvable agents or agentless architectures don’t scale for enterprise needs and aren’t real-time collectors,” said Michael A. Davis, CTO, CounterTack. “We’ve architected Sentinel for today’s security teams, so they can effectively mitigate threats and prioritize the management of their overall security program. Sentinel gives teams the ability to connect their security ecosystem, and provide a ‘single source of truth’ for a coordinated response across the enterprise.”
This release of Sentinel expands an operator’s ability to correlate Sentinel’s behavioral intelligence with external threat indicators such as those in threat intelligence feeds. Organizations can now make existing tools smarter by integrating detection and threat intelligence data from less sophisticated solutions, such as whitelisting products, with Sentinel’s real-time enterprise visibility. This gives organizations the ability to make critical security decisions with agility and confidence.
Robust New Product Enhancements:
Sentinel’s REST API promotes seamless integration with the enterprise security ecosystem, giving organizations enhanced capabilities to import external indicators into Sentinel, further broadening its authoritative view into endpoint behavior.
Sentinel now provides teams with more robust remediation capabilities that enable enterprises to better manage threats - now with the ability to contain infections or attacks, without having to engage their IT department to simply remove the machine from the network.
With expanded support for CybOX standards combined with an application dataset, Sentinel allows teams to extract further value from whitelisting, preventative or threat intelligence solutions – now with the capability to selectively respond to, or automatically remediate, threats.
New management capabilities map directly to security operations center (SOC) managers and CIRT teams to improve the efficiency of managing security enterprise-wide with enhanced ‘search’ workflow.
‘Smart Group’ creation from search facilitates the management of endpoint security at scale, and the ability to annotate intelligence with custom tags, allowing users to integrate Sentinel with an enterprise workflow.
Workflow enhancements complement new containment capabilities that allow users to identify compromised endpoints and then quarantine them with a single click - extending CounterTack’s commitment to Big Data technology, delivering an enterprise-wide approach to adaptive security.
CounterTack's real-time endpoint threat detection and response platform, CounterTack Sentinel, delivers unprecedented visibility and context to enterprise security teams around targeted, persistent threats. CounterTack dramatically reduces the impact of advanced attacks, providing real-time, behavioral-based intelligence on attacker activity upon infiltration, so organizations can defend their business leveraging Sentinel's contextual attack evidence for a rapid, prioritized response.
By combining 'stealthware' technology and Big Data analytics, CounterTack turns the tables on attackers, giving security teams and incident responders an advantage over their adversaries to make better security decisions with real-time, automated, forensic-level analysis. CounterTack is revolutionizing how companies defend their endpoints -- across the enterprise.