enSilo Adds Orchestration, Delivers Custom Response Actions to Fight Hidden Breaches
March 15, 2018
4 Min Read
SAN FRANCISCO, March 14, 2018 -- enSilo, the company that protects endpoints pre- and post-infection to stop data breaches and data disruption caused by malware in real-time, today announced plans to release the next version of its endpoint security platform in late Q1 2018. This platform enhancement (version 2.7 SP1) will transform security operations by giving customers the ability to not only detect and contain malware in real-time, but also apply tailormade, pre-configured incident response actions according to threat classifications and following the customers’ incident response security policies. While the platform filters-out threats or contains infiltrated threats in real-time, these features complement the elimination of the costly “dwell time” delays existing between the point when malware and other threats first compromise a system and when security teams and controls conclusively remediate risk by removing malicious code and comply with the organization security practices.
These extended security orchestration features enable rich, pre-configured response actions, such as issuing a ticket, selecting notification methods and taking multiple remediation and containment measurements upon a single or cross-environment devices, to be applied as conclusive, automated responses upon the trigger of a specific event - all in a single endpoint security platform. These features save decision-making and response time for security teams, who would otherwise have to overcome manual interpretation of alerts from targeted endpoint systems and time lags inherent in remediating compromised devices. Instead, the enSilo platform combines powerful automation with customers’ policies to drive efficiency and comply with the organization incident response processes post an attack.
“Organizations understand that compromise is inevitable and typical dwell times of 100 days or longer, due to lagging incident response and threat hunting capabilities, are doomed to fail, resulting in data breaches and tampering consequences. Post-infection processes must also be automated to deliver real-time post-infection protection and automated response allowing incident response teams to perform their necessary tasks,” said Elad Horn, Vice President of Products at enSilo. “Organizations want an automated, comprehensive, purpose built, endpoint security platform architecture that filters out malware, protects the data once compromised and automatically responds to the incident following organizations’ best practices. enSilo’s platform serves that purpose well, taking the ‘manhunt’ edge off the incident response processes, while utilizing a comprehensive, cloud managed, single lightweight agent to enable a full end to end protection and response.”
“I am expecting that all security tools, including those that provide post-infection capabilities such as EDR, help us contain already infiltrated malicious activities while automating incident response tasks. It is not beneficial for us to throw more bodies at responding to breaches and technology helps to better utilize our staff,” said Jimmy Heschl, Head of Digital Security at Red Bull. “Security tools need a highly intuitive interface and be effective to various forms of cyber attacks. With real-time containment and orchestration I firmly believe that enSilo is one of the few vendors delivering automation capabilities to better protect endpoints pre- and post-infection. There is, of course, no 100% security and it is an imperative to continually raise the bar and to leverage promising technology.”
According to The Ponemon Institute’s 2017 Cost of Data Breach Study, “The faster the data breach can be identified and contained, the lower the costs. For the third year, our study reports the relationship between how quickly an organization can identify and contain data breach incidents and the financial consequences. For our consolidated sample of 419 companies, the mean time to identify (MTTI) was 191 days, with a range of 24 to 546 days. The mean time to contain (MTTC) was 66 days with a range of 10 to 164 days. Both the time to identify and the time to contain were highest for malicious and criminal attacks (214 and 77 days, respectively) and much lower for data breaches caused by human error (168 and 54 days, respectively).”
“EDR (Endpoint Detection and Response) solutions help security and risk (S&R) pros detect and respond to advanced cyberattacks that have long since surpassed the capabilities of traditional endpoint security solutions,” wrote Josh Zelonis, senior analyst from Forrester, in the recent report, Now Tech: Endpoint Detection And Response, Q1 2018.
In a recent in-depth product review, CSO noted, “The enSilo platform is a unique and powerful way to protect endpoints. Its biggest strength, besides having a nearly perfect detection rate based on program behavior within specific operating systems, is its flexibility. It can be set to be little more than post-breach insurance, automatically detecting and killing malware that bypasses AV protection. Or it can be configured as an advanced investigation tool, halting unknown threats and letting security teams examine them in safety. Or it can be just about anything in-between.”
Current enSilo customers will receive this upgrade free of charge. To learn more about enSilo, please visitwww.ensilo.com.
You May Also Like
A screen displaying many different types of charts and graphs to show what data is being analyzed.Cybersecurity Analytics