3/14/2018
01:10 PM
Dark Reading
Products and Releases

enSilo Adds Orchestration, Delivers Custom Response Actions to Fight Hidden Breaches

SAN FRANCISCO, March 14, 2018 -- enSilo, the company that protects endpoints pre- and post-infection to stop data breaches and data disruption caused by malware in real time, today announced plans to release the next version of its endpoint security platform in late Q1 2018. This platform enhancement (version 2.7 SP1) will transform security operations by giving customers the ability to not only detect and contain malware in real time, but also apply tailor-made, pre-configured incident response actions according to threat classifications and following the customers’ incident response security policies. While the platform filters out threats or contains infiltrated threats in real time, these features complement the elimination of the costly “dwell time” delays existing between the point when malware and other threats first compromise a system and when security teams and controls conclusively remediate risk by removing malicious code and complying with the organization’s security practices.

These extended security orchestration features enable rich, pre-configured response actions, such as issuing a ticket, selecting notification methods and taking multiple remediation and containment measures on a single device or on devices across environments, to be applied as conclusive, automated responses upon the trigger of a specific event - all in a single endpoint security platform. These features save decision-making and response time for security teams, who would otherwise have to overcome manual interpretation of alerts from targeted endpoint systems and time lags inherent in remediating compromised devices. Instead, the enSilo platform combines powerful automation with customers’ policies to drive efficiency and comply with the organization’s incident response processes after an attack.

“Organizations understand that compromise is inevitable and typical dwell times of 100 days or longer, due to lagging incident response and threat hunting capabilities, are doomed to fail, resulting in data breaches and tampering consequences. Post-infection processes must also be automated to deliver real-time post-infection protection and automated response allowing incident response teams to perform their necessary tasks,” said Elad Horn, Vice President of Products at enSilo. “Organizations want an automated, comprehensive, purpose-built endpoint security platform architecture that filters out malware, protects the data once compromised and automatically responds to the incident following organizations’ best practices. enSilo’s platform serves that purpose well, taking the ‘manhunt’ edge off the incident response processes, while utilizing a comprehensive, cloud-managed, single lightweight agent to enable a full end-to-end protection and response.”

“I am expecting that all security tools, including those that provide post-infection capabilities such as EDR, help us contain already infiltrated malicious activities while automating incident response tasks. It is not beneficial for us to throw more bodies at responding to breaches and technology helps to better utilize our staff,” said Jimmy Heschl, Head of Digital Security at Red Bull. “Security tools need a highly intuitive interface and be effective to various forms of cyber attacks. With real-time containment and orchestration I firmly believe that enSilo is one of the few vendors delivering automation capabilities to better protect endpoints pre- and post-infection. There is, of course, no 100% security and it is an imperative to continually raise the bar and to leverage promising technology.”

According to The Ponemon Institute’s 2017 Cost of Data Breach Study, “The faster the data breach can be identified and contained, the lower the costs. For the third year, our study reports the relationship between how quickly an organization can identify and contain data breach incidents and the financial consequences. For our consolidated sample of 419 companies, the mean time to identify (MTTI) was 191 days, with a range of 24 to 546 days. The mean time to contain (MTTC) was 66 days with a range of 10 to 164 days. Both the time to identify and the time to contain were highest for malicious and criminal attacks (214 and 77 days, respectively) and much lower for data breaches caused by human error (168 and 54 days, respectively).”

“EDR (Endpoint Detection and Response) solutions help security and risk (S&R) pros detect and respond to advanced cyberattacks that have long since surpassed the capabilities of traditional endpoint security solutions,” wrote Josh Zelonis, senior analyst from Forrester, in the recent report, Now Tech: Endpoint Detection And Response, Q1 2018.  

In a recent in-depth product review, CSO noted, “The enSilo platform is a unique and powerful way to protect endpoints. Its biggest strength, besides having a nearly perfect detection rate based on program behavior within specific operating systems, is its flexibility. It can be set to be little more than post-breach insurance, automatically detecting and killing malware that bypasses AV protection. Or it can be configured as an advanced investigation tool, halting unknown threats and letting security teams examine them in safety. Or it can be just about anything in-between.”

Current enSilo customers will receive this upgrade free of charge. To learn more about enSilo, please visit www.ensilo.com.
