Real-time, Unified Endpoint Protection
SentinelOne is a next-generation endpoint protection company that delivers real-time detection, prevention and remediation of advanced threats in a single platform. Complete visibility into all endpoint activity without any performance drag; dynamic behavior analysis to detect threats across all major vectors; fully automated threat mitigation and remediation; Visionary, 2017 Magic Quadrant for Endpoint Protection Platforms; certified Antivirus replacement.
The SentinelOne Endpoint Protection Platform (diagram). Threat types: Nation-grade APTs; File-less / Memory-only malware; Exploits & script-based attacks; File-based malware; Blocked files & applications. Layers: PREVENTION (Dynamic Whitelisting / Blacklisting, Cloud Intelligence); STATIC PROTECTION (Advanced Deep File Inspection); DETECTION / DYNAMIC PROTECTION (Dynamic Behavior Detection); RESPONSE (360-degree Attack View, Forensics, Mitigation, Remediation, Rollback). Phases: PRE-EXECUTION, ON-EXECUTION, POST-EXECUTION. Other labels: Common threats; Auto-immunize. Single Autonomous Agent: 50MB memory footprint. Single Management Console: supports up to 25,000 endpoints. Cloud or on-premise deployment.
Advanced Static Prevention: Major breakthrough in signature-less detection, based on machine learning; Deep File Inspection (DFI) engine prevents advanced malware on access; supported on all endpoint platforms: Windows / MacOS / Linux; 31,000 unique file characteristics defined and referenced; engine supports all mitigation actions; known and unknown file-based malware.
Multi-layered Protection Across Major Threat Vectors. Dynamic Whitelisting / Blacklisting: reduce overall attack surface by blocking known bad programs. Advanced Static Prevention: Deep File Inspection engine uncovers known and unknown malware upfront. Behavior-based Threat Detection: dynamically detect the most advanced attacks across any vector.
Best-in-class Next-Generation Endpoint Protection: Certified, Proven, Recognized. SentinelOne is a certified replacement for Antivirus. Our customers include: the #3 cloud hosting provider; the #1 retailer; the #1 internet television network; the #1 online travel chain; the #2 financial exchange. Visionary - 2016 MQ for Endpoint Protection Platforms.
SentinelOne EPP Differentiation: Backed by our Cyber Security Guarantee (covers up to $1M in event of successful ransomware attack); 1 console/1 agent for detection, prevention, remediation, forensics & (no need for additional tools) with native support of Mac OS X, Linux & Windows; Remediation: ability to quarantine/kill malicious processes & rollback registry changes and deleted/encrypted files.
SentinelOne EPP Differentiation (continued): Behavior-based detection with no signatures required: ability to detect advanced zero-day attacks, along with file-less malware, exploits and live/insider threats, without the need for an internet connection; real-time forensics on all attack vectors; easy to deploy and manage, with ongoing training included if needed; no additional FTE/OPEX; SentinelOne can detect/block pre-execution, upon-execution and post-execution attacks.
Effective Endpoint Protection Needs to Address the Entire Advanced Threat Lifecycle. Pre-Execution: Prevention + Whitelisting / Blacklisting. On Execution: Dynamic Malware Detection; Dynamic Exploit Detection. Post-Execution: Mitigation; Remediation; Forensics.
Endpoint Protection Platform: Optimizing Endpoint Protection with SentinelOne. Unified Approach: single lightweight agent; single management console; fewer FTEs; reduced TCO. Multi-Solution Approach: multiple agents; multiple management consoles; more FTEs; > 4x TCO of SentinelOne. Lifecycle coverage: Pre-Execution: Static Prevention + Whitelisting / blacklisting. On Execution: Dynamic Malware Detection; Dynamic Exploit Detection (diagram label: EMET). Post-Execution: Mitigation; Remediation; Forensics.
SentinelOne Benefits: Superior detection of advanced threats without performance overhead; automated threat mitigation at machine speed; visualize attacks with real-time forensics; seamlessly adapt against the latest threats; cut TCO by up to 5x over multi-solution approaches; protect user endpoints and data center servers with a single platform; easily deployable across enterprise-scale environments.
The Endpoint is the New Perimeter: Endpoints are primary targets. This is where sensitive data lives. Endpoints are your organization's weakest link. Endpoint platforms are diverse, and often drift from standard configuration with frequent exposure to unsecured networks.
AV is no Match for the New Threat Landscape. Malware: ransomware, trojans, worms, backdoors; file-less / memory-based malware. Exploits: document-based exploits; browser-based exploits. Live Attacks: script-based (Powershell, Powersploit, WMI, VBS); credentials (credential-scraping, Mimikatz, tokens).
Predict Malicious Behavior. Lightweight, Autonomous Agent: continuously monitors all low-level activity on the endpoint device, online or offline. Dynamic Behavior Tracking: predicts how attacks unfold against context of normal application behavior. Real-Time Forensic Analysis: 360-degree views of threat behavior, with Attack Storyline.
Rapidly Eliminate Threats. Zero-Touch Mitigation: policy-based; covers all endpoints for decisive incident response. Robust Containment: stops lateral threat movement by disconnecting the device from the network. Full Remediation: reverses malware-driven file modifications.
Seamlessly Adapt Defenses. Cloud Intelligence: extend protection by leveraging threat intelligence from select reputation services. Auto-Immunization: notify all Agents on the network when a new threat is detected.
Visionary: 2016 Gartner MQ for Endpoint Protection Platforms. SentinelOne is the only vendor in this analysis that includes full EDR-type functionality in the core platform. SentinelOne is a good prospect to replace or augment existing EPP solutions for any company looking for a fresh approach and integrated EDR.