What is it about?
The workstations from which users access a company’s data network are of unquestionable interest to malicious online users. Carpentering control means having a bridgehead to penetrate between servers, databases, network shares or other repositories, and perhaps come into possession of sensitive data.
This explains the constant malware diffusion campaigns that hit users via e-mail and Internet browsing, without forgetting USB devices or the connection to “evil” Wi-Fi.
CryptoNet Labs supports customers in protecting workstations through its partner SentinelOne‘s Endpoint Protection Platform (EPP) solution.
Designed to overcome signature limits, an approach on which antivirus engines have always relied and whose limits emerge with zero-days (i.e. programs that exploit network vulnerabilities not yet equipped with countermeasures) or ransomware (such as Wannacry), SentinelOne uses a set of proven techniques (certified by independent laboratories, such as AV-Test, NSS Labs or MITRE).
Using machine learning, cloud intelligence, reputational analysis, static (deep file inspection) and behavioural mechanisms, EPP is able to counter unknown and sophisticated threats, such as file-less or memory-based malware, document exploitation or Powershell attacks.
SentinelOne has complete visibility of what happens on the machine and understands its “malignant” nature: it not only reports an event, but can intervene with actions of process blocking, quarantine, deletion of artefacts on file systems and rollback of changes implemented by the malware (even in the case of ransomware).
Who can benefit from it
Companies that want solutions, even managed ones, for a more complete defence of their user workstations and servers, and effective tools to detect, analyse and respond instantly to infections and IT attacks.