Endpoint

3/14/2018
01:10 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

enSilo Adds Orchestration, Delivers Custom Response Actions to Fight Hidden Breaches

SAN FRANCISCO, March 14, 2018 -- enSilo, the company that protects endpoints pre- and post-infection to stop data breaches and data disruption caused by malware in real-time, today announced plans to release the next version of its endpoint security platform in late Q1 2018. This platform enhancement (version 2.7 SP1) will transform security operations by giving customers the ability to not only detect and contain malware in real-time, but also apply tailormade, pre-configured incident response actions according to threat classifications and following the customers’ incident response security policies. While the platform filters-out threats or contains infiltrated threats in real-time, these features complement the elimination of the costly “dwell time” delays existing between the point when malware and other threats first compromise a system and when security teams and controls conclusively remediate risk by removing malicious code and comply with the organization security practices.

These extended security orchestration features enable rich, pre-configured response actions, such as issuing a ticket, selecting notification methods and taking multiple remediation and containment measurements upon a single or cross-environment devices, to be applied as conclusive, automated responses upon the trigger of a specific event - all in a single endpoint security platform. These features save decision-making and response time for security teams, who would otherwise have to overcome manual interpretation of alerts from targeted endpoint systems and time lags inherent in remediating compromised devices. Instead, the enSilo platform combines powerful automation with customers’ policies to drive efficiency and comply with the organization incident response processes post an attack.

“Organizations understand that compromise is inevitable and typical dwell times of 100 days or longer, due to lagging incident response and threat hunting capabilities, are doomed to fail, resulting in data breaches and tampering consequences. Post-infection processes must also be automated to deliver real-time post-infection protection and automated response allowing incident response teams to perform their necessary tasks,” said Elad Horn, Vice President of Products at enSilo. “Organizations want an automated, comprehensive, purpose built, endpoint security platform architecture that filters out malware, protects the data once compromised and automatically responds to the incident following organizations’ best practices. enSilo’s platform serves that purpose well, taking the ‘manhunt’ edge off the incident response processes, while utilizing a comprehensive, cloud managed, single lightweight agent to enable a full end to end protection and response.”

“I am expecting that all security tools, including those that provide post-infection capabilities such as EDR, help us contain already infiltrated malicious activities while automating incident response tasks. It is not beneficial for us to throw more bodies at responding to breaches and technology helps to better utilize our staff,” said Jimmy Heschl, Head of Digital Security at Red Bull. “Security tools need a highly intuitive interface and be effective to various forms of cyber attacks. With real-time containment and orchestration I firmly believe that enSilo is one of the few vendors delivering automation capabilities to better protect endpoints pre- and post-infection. There is, of course, no 100% security and it is an imperative to continually raise the bar and to leverage promising technology.”

According to The Ponemon Institute’s 2017 Cost of Data Breach Study, “The faster the data breach can be identified and contained, the lower the costs. For the third year, our study reports the relationship between how quickly an organization can identify and contain data breach incidents and the financial consequences. For our consolidated sample of 419 companies, the mean time to identify (MTTI) was 191 days, with a range of 24 to 546 days. The mean time to contain (MTTC) was 66 days with a range of 10 to 164 days. Both the time to identify and the time to contain were highest for malicious and criminal attacks (214 and 77 days, respectively) and much lower for data breaches caused by human error (168 and 54 days, respectively).”

“EDR (Endpoint Detection and Response) solutions help security and risk (S&R) pros detect and respond to advanced cyberattacks that have long since surpassed the capabilities of traditional endpoint security solutions,” wrote Josh Zelonis, senior analyst from Forrester, in the recent report, Now Tech: Endpoint Detection And Response, Q1 2018.  

In a recent in-depth product review, CSO noted, “The enSilo platform is a unique and powerful way to protect endpoints. Its biggest strength, besides having a nearly perfect detection rate based on program behavior within specific operating systems, is its flexibility. It can be set to be little more than post-breach insurance, automatically detecting and killing malware that bypasses AV protection. Or it can be configured as an advanced investigation tool, halting unknown threats and letting security teams examine them in safety. Or it can be just about anything in-between.”

Current enSilo customers will receive this upgrade free of charge. To learn more about enSilo, please visitwww.ensilo.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Higher Education: 15 Books to Help Cybersecurity Pros Be Better
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Worst Password Blunders of 2018 Hit Organizations East and West
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-20161
PUBLISHED: 2018-12-15
A design flaw in the BlinkForHome (aka Blink For Home) Sync Module 2.10.4 and earlier allows attackers to disable cameras via Wi-Fi, because incident clips (triggered by the motion sensor) are not saved if the attacker's traffic (such as Dot11Deauth) successfully disconnects the Sync Module from the...
CVE-2018-20159
PUBLISHED: 2018-12-15
i-doit open 1.11.2 allows Remote Code Execution because ZIP archives are mishandled. It has an upload feature that allows an authenticated user with the administrator role to upload arbitrary files to the main website directory. Exploitation involves uploading a ".php" file within a "...
CVE-2018-20157
PUBLISHED: 2018-12-15
The data import functionality in OpenRefine through 3.1 allows an XML External Entity (XXE) attack through a crafted (zip) file, allowing attackers to read arbitrary files.
CVE-2018-20154
PUBLISHED: 2018-12-14
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated users to discover all subscriber e-mail addresses.
CVE-2018-20155
PUBLISHED: 2018-12-14
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated subscriber users to bypass intended access restrictions on changes to plugin settings.