SentinelOne Frees Enterprises from Ransomware

Latest Release of AV-Replacement Platform adds Automated Rollback of Endpoints to Pre-Infected State, “Undoing” Damage Caused by Attacks

MOUNTAIN VIEW, Calif., Nov. 18, 2015 – SentinelOne, the company that’s transforming security with a next-generation antivirus replacement solution, today announced a new version of its Endpoint Protection Platform (EPP) which protects organizations from becoming victims of advanced malware and exploit-based attacks, including ransomware like CryptoWall.

In June, an FBI notice identified CryptoWall as the most common form of ransomware affecting individuals and businesses in the US. The Bureau said it had received 992 complaints related to CryptoWall between April 2014 and June 2015 with losses totaling $18 million. The agency also warned that companies may not be able to get their data back following an infection without paying a ransom. As a result, many businesses must resort to paying criminals to regain access to critical files. Afterwards, they also face the painstaking process of trying to remediate systems altered during the course of the attack. SentinelOne can now make organizations immune to both of these damaging effects.

“With eight offices in the US and China handling confidential information for clients in the venture capital and emerging technology sectors, protecting devices from malware and advanced attacks is a top priority for us,” said Peter G. Basil, Director of Information Technology for Gunderson Dettmer, the world’s leading business law firm serving the venture capital and emerging growth marketplace. “SentinelOne EPP is a critical layer in our defense against ransomware, saving us untold amounts of time and money in lost productivity and clean-up operations. Based on its ability to protect against both known and zero day threats, we can replace our antivirus suite with SentinelOne and get full protection without paying for two products.”

Giving Businesses the Upper Hand over Attackers

SentinelOne EPP uses real-time execution monitoring and analysis to pinpoint malicious behaviors. Regardless of the attack method used, once malicious code executes, whether on disk or in memory, SentinelOne immediately detects the attack and automatically takes mitigation and containment actions to eliminate the threat. For example, it can be configured to automatically remove an endpoint from the network, terminate a malicious process, quarantine malware, and delete malicious code altogether to prevent it from infecting other devices.

To accelerate and automate remediation processes, SentinelOne now offers the following new features:

  • Patent-pending Dynamic Remediation and “Rollback” that immediately restores deleted or modified system files to a state prior to the attack. This eliminates the need for costly cleanup operations and greatly accelerates time to remediation.
  • Increased visibility into attacks with real-time endpoint forensics presented through a unique storyline view of malware activity on an endpoint, including pinpointing what parts of the system were directly affected. This forensic intelligence is available to security administrators in real time, allowing them to analyze attack techniques using a high-level graphical view that provides drill-down access to specific activity data.

“Unfortunately, as we predicted last year, the number of ransomware incidents targeting organizations, rather than consumers, has spiked significantly in 2015. These attacks can cripple a business, impose significant financial losses and take days to clean up,” said Tomer Weingarten, CEO of SentinelOne. “SentinelOne EPP dynamically adapts to polymorphic and previously unknown malware used by ransomware. This allows us to detect and kill malicious processes, quarantine an affected endpoint to prevent any lateral spread, and rollback compromised systems to their pre-attack state to minimize downtime and lost productivity.”


This latest version of SentinelOne’s Endpoint Protection Platform (EPP), which adds new Endpoint Detection and Response (EDR) capabilities including Dynamic Remediation and Rollback, is available immediately from SentinelOne and its business partners.

For more information please visit our product announcement page.