SentinelOne Unveils ActiveEDR to Autonomously Detect and Remediate Advanced Attacks
Next-Generation EDR Enhances Autonomous Threat Hunting For Security Teams of All Skill Levels
Mountain View, Calif. – FEBRUARY 28, 2019 – SentinelOne, the autonomous endpoint protection company, today announces the next step in endpoint security evolution — ActiveEDR — which is delivered via SentinelOne’s single agent, single codebase, single console architecture. Going beyond traditional antivirus and EDR solutions, ActiveEDR, powered by SentinelOne’s proprietary TrueContext technology, allows security teams to quickly understand the story and root cause behind threat actors and autonomously respond, without any reliance on cloud resources. With ActiveEDR, everyone from advanced SOC analysts to novice security teams can automatically remediate threats and defend against advanced attacks. This technology empowers security teams to focus on the alerts that matter and leverage technology to assist in what before was limited to human mandated tasks.
Security teams are challenged with monitoring and protecting every edge of their network, from the endpoint to the cloud. While most EDR solutions passively allow operators to find what’s malicious, many don’t provide the context to understand what was found, or better yet, locate the source and autonomously block attacks. SentinelOne’s TrueContext takes into account advanced context evasion techniques that normally bypass or confuse passive EDR solutions, providing security teams with situational awareness and actionable context faster than any other solution on the market. The technology allows analysts and responders to fully and automatically remediate threats leveraging SentinelOne’s automated response capabilities.
ActiveEDR reduces the cost and time required to bring value to the complicated and overwhelming amount of data provided by passive EDR tools. The autonomous AI-powered agent functions like a SOC analyst on each and every endpoint, transforming massive amounts of data into TrueContext stories and raising high-quality, prioritized alerts when threat behavior is observed. At machine speed, ActiveEDR, leveraging TrueContext, is able to prevent, detect, and respond to advanced attacks regardless of delivery vectors, whether the endpoint is connected to the cloud or not.
“Operationalizing EDR technologies has historically been challenging,” said Alex Burinskiy, Lead Security Engineer, Cengage, an education and technology company. “ActiveEDR provides our entire security team — regardless of skill level — with the context to not only understand what was found, but autonomously block attacks faster than any other solution on the market.”
“As threats evolve, it is no longer enough to provide passive EDR solutions that only notify of a potential threat,” said Tomer Weingarten, CEO and Co-Founder, SentinelOne. “Analysts are drowning in data, and simply aren’t able to keep up with sophisticated attack vectors such as ransomware, exploits and other fileless evils until it’s too late. ActiveEDR allows security teams, regardless of skill level, to easily identify malware and attackers lurking in a network, cutting the time to detect, contain, eradicate, and recover in realtime.”
SentinelOne will be demonstrating ActiveEDR at RSA Conference, March 4-8, in San Francisco, California at Booth S #1527. To schedule a demo at the event, please visit: https://go.sentinelone.com/rsa2019.html
SentinelOne delivers autonomous endpoint protection through a single agent that successfully prevents, detects and responds to attacks across all major vectors. Designed for extreme ease of use, the S1 platform saves customers time by applying AI to automatically eliminate threats in real time for both on premise and cloud environments and is the only solution to provide full visibility across networks directly from the endpoint. To learn more visit sentinelone.com or follow us at @SentinelOne, on LinkedIn or Facebook.
fama PR for SentinelOne
Reversing Malware on macOS
Endpoint Protection Platform Free Demo