Vulnerabilities / Threats
1/7/2014
02:56 PM
Dark Reading
Products and Releases

CounterTack Unveils Next Generation Of Sentinel For Endpoint Threat Detection And Response

Platform provides deep behavioral analysis of persistent attacks

WALTHAM, Mass., January 7, 2014 – CounterTack, a pioneer in delivering real-time endpoint threat detection, context and visibility around targeted attacks, today announced the next generation of its revolutionary endpoint threat detection and response platform, Sentinel, to help global organizations regain control of their security against targeted, persistent threats.

"Defending against advanced persistent threats and protecting our organization and customers from threats like Dark Seoul are our top priorities," said Jae Woo Lee, General Manager of the Managed Security Service Team, SK Infosec. "We needed a platform that provides deep behavioral analysis of persistent attacks with an unparalleled level of intelligence, to make better security decisions. Sentinel gives us the visibility and attack context that we need to prioritize our response to known and unknown threats."

The endpoint has emerged as the epicenter of attacker access and activity – the new battleground between attackers and enterprise organizations. To combat large-scale, persistent threats, organizations need unobscured visibility into attacker behavior across the enterprise with automated intelligence to dramatically improve response time and response tactics. Sentinel combines its real-time stealthware with Big Data analytics to provide organizations with that visibility, context and intelligence necessary to make better, more informed security decisions across the entire enterprise.

"Persistent, motivated attackers have had the advantage over enterprise and government organizations for far too long – it's time to put these organizations back in control of their security," said Neal Creighton, CEO, CounterTack. "We leverage attackers' own technology and methods, delivering enterprise-grade stealthware to customers, that provides automated attack intelligence and enterprise-wide correlation. With Sentinel, CounterTack is turning the tide on attackers by giving teams a platform that's simple to deploy and operationalize across the entire enterprise."

Endpoint threat detection and response has emerged as a critical component in defending against sophisticated adversaries, driving market and technology consolidation evidenced by FireEye's recent acquisition of Mandiant. CounterTack remains the independent technology leader, with substantial advantages over competitive platforms including:

· No post-exploit search for attack signatures like other endpoint technology. Sentinel's driverless behavioral analysis capability analyzes application execution in real time to identify attacks in progress.

· Better response to potential attacks because Sentinel identifies what actually happened during an attack while providing forensic-level details of attacks in progress. Security personnel use Sentinel's attack intelligence to choose the best response based on the type of attack.

· Complete attack analysis. Sentinel's robust search interface helps teams access any type of endpoint data from artifacts like files and registry keys, to real-time network statistics of which attacks accessed which hosts. This searchable data enables security engineers to understand how one identified attack affects the entire enterprise without the need for individual endpoint querying.

· Endpoint monitoring to scale the entire enterprise. Sentinel is built on Big Data technology which helps it scale to handle hundreds of thousands of endpoints. Simultaneously, Sentinel provides real-time forensic data through an enterprise architecture, giving teams the high availability, load balancing, and search capabilities they demand.

· Sentinel does not install agents to collect data on endpoints. Instead, it uses a lightweight, driverless kernel technology to gather continuous, real-time data from endpoints without a performance impact.

"...In fact, kernel-based tools offer better protection from tampering because the userland agent tool cannot be protected from the attacker with kernel-level access. It is more difficult for the attacker to hide from ETDR data collection than, say, native OS logging," Gartner, Endpoint Threat Detection and Response Tools and Practices, Anton Chuvakin, September 25, 2013.

About CounterTack

CounterTack is revolutionizing security by bringing real-time attack detection and forensics to the endpoint, rendering traditional endpoint security obsolete with its Scout and Sentinel solutions, shortening the gap between detection and infection for enterprise organizations. By actively engaging attackers, CounterTack helps organizations dramatically reduce the dwell time of advanced, persistent adversaries and the damage they can cause. Through blazing-fast detection, real-time attack capture and automated intelligence, CounterTack provides unparalleled visibility into malicious behavior, enabling organizations to make smarter decisions on countering known and unknown threats to protect their business. To learn more, visit www.CounterTack.com.
