01:10 PM
Dark Reading
Dark Reading
Products and Releases

enSilo Adds Orchestration, Delivers Custom Response Actions to Fight Hidden Breaches

SAN FRANCISCO, March 14, 2018 -- enSilo, the company that protects endpoints pre- and post-infection to stop data breaches and data disruption caused by malware in real-time, today announced plans to release the next version of its endpoint security platform in late Q1 2018. This platform enhancement (version 2.7 SP1) will transform security operations by giving customers the ability to not only detect and contain malware in real-time, but also apply tailormade, pre-configured incident response actions according to threat classifications and following the customers’ incident response security policies. While the platform filters-out threats or contains infiltrated threats in real-time, these features complement the elimination of the costly “dwell time” delays existing between the point when malware and other threats first compromise a system and when security teams and controls conclusively remediate risk by removing malicious code and comply with the organization security practices.

These extended security orchestration features enable rich, pre-configured response actions, such as issuing a ticket, selecting notification methods and taking multiple remediation and containment measurements upon a single or cross-environment devices, to be applied as conclusive, automated responses upon the trigger of a specific event - all in a single endpoint security platform. These features save decision-making and response time for security teams, who would otherwise have to overcome manual interpretation of alerts from targeted endpoint systems and time lags inherent in remediating compromised devices. Instead, the enSilo platform combines powerful automation with customers’ policies to drive efficiency and comply with the organization incident response processes post an attack.

“Organizations understand that compromise is inevitable and typical dwell times of 100 days or longer, due to lagging incident response and threat hunting capabilities, are doomed to fail, resulting in data breaches and tampering consequences. Post-infection processes must also be automated to deliver real-time post-infection protection and automated response allowing incident response teams to perform their necessary tasks,” said Elad Horn, Vice President of Products at enSilo. “Organizations want an automated, comprehensive, purpose built, endpoint security platform architecture that filters out malware, protects the data once compromised and automatically responds to the incident following organizations’ best practices. enSilo’s platform serves that purpose well, taking the ‘manhunt’ edge off the incident response processes, while utilizing a comprehensive, cloud managed, single lightweight agent to enable a full end to end protection and response.”

“I am expecting that all security tools, including those that provide post-infection capabilities such as EDR, help us contain already infiltrated malicious activities while automating incident response tasks. It is not beneficial for us to throw more bodies at responding to breaches and technology helps to better utilize our staff,” said Jimmy Heschl, Head of Digital Security at Red Bull. “Security tools need a highly intuitive interface and be effective to various forms of cyber attacks. With real-time containment and orchestration I firmly believe that enSilo is one of the few vendors delivering automation capabilities to better protect endpoints pre- and post-infection. There is, of course, no 100% security and it is an imperative to continually raise the bar and to leverage promising technology.”

According to The Ponemon Institute’s 2017 Cost of Data Breach Study, “The faster the data breach can be identified and contained, the lower the costs. For the third year, our study reports the relationship between how quickly an organization can identify and contain data breach incidents and the financial consequences. For our consolidated sample of 419 companies, the mean time to identify (MTTI) was 191 days, with a range of 24 to 546 days. The mean time to contain (MTTC) was 66 days with a range of 10 to 164 days. Both the time to identify and the time to contain were highest for malicious and criminal attacks (214 and 77 days, respectively) and much lower for data breaches caused by human error (168 and 54 days, respectively).”

“EDR (Endpoint Detection and Response) solutions help security and risk (S&R) pros detect and respond to advanced cyberattacks that have long since surpassed the capabilities of traditional endpoint security solutions,” wrote Josh Zelonis, senior analyst from Forrester, in the recent report, Now Tech: Endpoint Detection And Response, Q1 2018.  

In a recent in-depth product review, CSO noted, “The enSilo platform is a unique and powerful way to protect endpoints. Its biggest strength, besides having a nearly perfect detection rate based on program behavior within specific operating systems, is its flexibility. It can be set to be little more than post-breach insurance, automatically detecting and killing malware that bypasses AV protection. Or it can be configured as an advanced investigation tool, halting unknown threats and letting security teams examine them in safety. Or it can be just about anything in-between.”

Current enSilo customers will receive this upgrade free of charge. To learn more about enSilo, please visitwww.ensilo.com.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
The Case for Integrating Physical Security & Cybersecurity
Paul Kurtz, CEO & Cofounder, TruSTAR Technology,  3/20/2018
A Look at Cybercrime's Banal Nature
Curtis Franklin Jr., Senior Editor at Dark Reading,  3/20/2018
City of Atlanta Hit with Ransomware Attack
Dark Reading Staff 3/23/2018
Register for Dark Reading Newsletters
White Papers
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.