Endpoint

3/14/2018
01:10 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

enSilo Adds Orchestration, Delivers Custom Response Actions to Fight Hidden Breaches

SAN FRANCISCO, March 14, 2018 -- enSilo, the company that protects endpoints pre- and post-infection to stop data breaches and data disruption caused by malware in real-time, today announced plans to release the next version of its endpoint security platform in late Q1 2018. This platform enhancement (version 2.7 SP1) will transform security operations by giving customers the ability to not only detect and contain malware in real-time, but also apply tailormade, pre-configured incident response actions according to threat classifications and following the customers’ incident response security policies. While the platform filters-out threats or contains infiltrated threats in real-time, these features complement the elimination of the costly “dwell time” delays existing between the point when malware and other threats first compromise a system and when security teams and controls conclusively remediate risk by removing malicious code and comply with the organization security practices.

These extended security orchestration features enable rich, pre-configured response actions, such as issuing a ticket, selecting notification methods and taking multiple remediation and containment measurements upon a single or cross-environment devices, to be applied as conclusive, automated responses upon the trigger of a specific event - all in a single endpoint security platform. These features save decision-making and response time for security teams, who would otherwise have to overcome manual interpretation of alerts from targeted endpoint systems and time lags inherent in remediating compromised devices. Instead, the enSilo platform combines powerful automation with customers’ policies to drive efficiency and comply with the organization incident response processes post an attack.

“Organizations understand that compromise is inevitable and typical dwell times of 100 days or longer, due to lagging incident response and threat hunting capabilities, are doomed to fail, resulting in data breaches and tampering consequences. Post-infection processes must also be automated to deliver real-time post-infection protection and automated response allowing incident response teams to perform their necessary tasks,” said Elad Horn, Vice President of Products at enSilo. “Organizations want an automated, comprehensive, purpose built, endpoint security platform architecture that filters out malware, protects the data once compromised and automatically responds to the incident following organizations’ best practices. enSilo’s platform serves that purpose well, taking the ‘manhunt’ edge off the incident response processes, while utilizing a comprehensive, cloud managed, single lightweight agent to enable a full end to end protection and response.”

“I am expecting that all security tools, including those that provide post-infection capabilities such as EDR, help us contain already infiltrated malicious activities while automating incident response tasks. It is not beneficial for us to throw more bodies at responding to breaches and technology helps to better utilize our staff,” said Jimmy Heschl, Head of Digital Security at Red Bull. “Security tools need a highly intuitive interface and be effective to various forms of cyber attacks. With real-time containment and orchestration I firmly believe that enSilo is one of the few vendors delivering automation capabilities to better protect endpoints pre- and post-infection. There is, of course, no 100% security and it is an imperative to continually raise the bar and to leverage promising technology.”

According to The Ponemon Institute’s 2017 Cost of Data Breach Study, “The faster the data breach can be identified and contained, the lower the costs. For the third year, our study reports the relationship between how quickly an organization can identify and contain data breach incidents and the financial consequences. For our consolidated sample of 419 companies, the mean time to identify (MTTI) was 191 days, with a range of 24 to 546 days. The mean time to contain (MTTC) was 66 days with a range of 10 to 164 days. Both the time to identify and the time to contain were highest for malicious and criminal attacks (214 and 77 days, respectively) and much lower for data breaches caused by human error (168 and 54 days, respectively).”

“EDR (Endpoint Detection and Response) solutions help security and risk (S&R) pros detect and respond to advanced cyberattacks that have long since surpassed the capabilities of traditional endpoint security solutions,” wrote Josh Zelonis, senior analyst from Forrester, in the recent report, Now Tech: Endpoint Detection And Response, Q1 2018.  

In a recent in-depth product review, CSO noted, “The enSilo platform is a unique and powerful way to protect endpoints. Its biggest strength, besides having a nearly perfect detection rate based on program behavior within specific operating systems, is its flexibility. It can be set to be little more than post-breach insurance, automatically detecting and killing malware that bypasses AV protection. Or it can be configured as an advanced investigation tool, halting unknown threats and letting security teams examine them in safety. Or it can be just about anything in-between.”

Current enSilo customers will receive this upgrade free of charge. To learn more about enSilo, please visitwww.ensilo.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why CISOs Need a Security Reality Check
Joel Fulton, Chief Information Security Officer for Splunk,  6/13/2018
Cisco Talos Summit: Network Defenders Not Serious Enough About Attacks
Curtis Franklin Jr., Senior Editor at Dark Reading,  6/13/2018
Meet 'Bro': The Best-Kept Secret of Network Security
Greg Bell, CEO, Corelight,  6/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12294
PUBLISHED: 2018-06-19
WebCore/platform/graphics/texmap/TextureMapperLayer.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.2, is vulnerable to a use after free for a WebCore::TextureMapperLayer object.
CVE-2018-12519
PUBLISHED: 2018-06-19
An issue was discovered in ShopNx through 2017-11-17. The vulnerability allows a remote attacker to upload any malicious file to a Node.js application. An attacker can upload a malicious HTML file that contains a JavaScript payload to steal a user's credentials.
CVE-2018-12588
PUBLISHED: 2018-06-19
Cross-site scripting (XSS) vulnerability in templates/frontend/pages/searchResults.tpl in Public Knowledge Project (PKP) Open Monograph Press (OMP) v1.2.0 through 3.1.1-1 before 3.1.1-2 allows remote attackers to inject arbitrary web script or HTML via the catalog.noTitlesSearch parameter (aka the S...
CVE-2018-10811
PUBLISHED: 2018-06-19
strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable.
CVE-2018-10945
PUBLISHED: 2018-06-19
The mg_handle_cgi function in mongoose.c in Mongoose 6.11 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash, or NULL pointer dereference) via an HTTP request, related to the mbuf_insert function.