Endpoint Security

---

SentinelOne provides prevention and detection of attacks across all major vectors, rapid elimination of threats with fully automated, policy-driven response capabilities, and complete visibility into the endpoint environment with full-context, real-time forensics. The innovative security solutions offer broad protection against diverse modes of attack, including malware, exploits, and live/insider attacks. 

Malware attacks protection includes executables such as Trojans, malware, worms, backdoors, payload-based Fileless- Memory-only malware, no-disk-based indicators, and fileless attacks such as memory-only malware, no-disk-based indicators. Exploit attacks include exploits rooted in Office documents, Adobe files, macros, spear phishing emails as well as drive-by downloads, Flash, Java, JavaScript, VBS, IFrame/HTML5, plug-ins. Live/insider attacked include PowerShell, WMI, PowerSploit, VBS, Mimikatz, credentials scraping, and tokens. 

SentinelOne Control  

• Delivers multi-layered AI-powered endpoint protection, with Static AI pre-execution protection for known and unknown file-based malware, and Behavioral AI agent-side behavioral monitoring that covers any attack vector, including unknown exploits and bypass attempts of traditional anti-virus. 

• The Behavioral AI engine is built to detect and mitigate malicious code and scripts in documents and can detect fileless attacks and exploits. Lateral Movement uses Behavioral AI to discover attempts coming from another device over the network. 

• Offeres attack remediation, cleaning all artifacts of a malicious attempt, including registry, scheduled tasks and more, while Rollback Revert returns an endpoint its pre-infected state. Upon detection, SentinelOne can immediately stop lateral threat spread cold by disconnecting the infected endpoint from the network while still maintaining the agent’s connection to the management console. 

SentinelOne Complete  

• Adds advanced capabilities such as threat hunting and Deep Visibility. It provides prevention and detection of attacks across all major vectors, rapid elimination of threats with fully automated, policy-driven response capabilities, and complete visibility into the endpoint environment with full-context, real-time forensics. 

• Includes Advanced EDR/Threat Hunting, which provides the ability to search for attack indicators, investigate existing incidents, perform file integrity monitoring, and root out hidden threats. It includes an Attack Storyline, a visual diagram representing an execution flow, helping IR teams to quickly evaluate the impact of any threat. 

• Advanced capabilities include Deep Visibility into every event on the agent, including the ability to search for historic data, and visibility into the encrypted network traffic without pushing certificates or the need for expensive SSL appliances/blades. 

Features

One Agent for Consolidated Cybersecurity

• Full featured enterprise-grade EDR.
• NGAV and behavioral detection to stop known and unknown threats.
• Suite features like network control, USB device control, and Bluetooth device control.
• Native network attack surface protection and rogue device identification with Ranger.

Storyline Automates Visibility

• Storyline creates context in real time: Windows, macOS, Linux, and Kubenetes cloud-native workloads.
• Storyline enables efficient hypothesis testing leading to fast RCA conclusions.
• Process re-linking across PID trees and across reboots preserves precious context.
• PowerQuery language enables intuitive searches and hypothesis-based hunting.

One-Click Remediation & Rollback

• Automated responses and prevention mechanisms, all in one code base.
• Threat resolution across your estate—on one, several, or all devices—no scripting necessary.
• Storyline Active Response™ (STAR) keeps a constant watch for noteworthy events.
• One API with 350+ functions lets you build further, customized automations.

Hunter’s Toolkit

• High performance, industry leading historical EDR data retention for up to 3 years of visibility.
• Easy pivoting and hunting with 100’s of available MITRE ATT&CK® tactics and techniques.
• Customizable network isolation.
• Secure remote shell for Windows, macOS, Linux,
• and Kubernetes.
• File fetch malicious samples across any OS, and integrate with sandboxes for further dynamic analysis.

SOC Augmentation with MDR

• Vigilance, our in-house global SOC, offloads day-to-day operation of Singularity Complete to an elite team of analysts and hunters so you can refocus on more strategic projects.
• Vigilance Respond ensures every threat is reviewed, acted upon, documented, and escalated to you only when needed.
• Vigilance Respond Pro adds digital forensics and incident response services (DFIR) for extended analysis
• and response.

Bitdefender Cloud Security is a comprehensive security platform for physical, virtual, and cloud workloads that features award-winning performance and detection rates, with multi-layered, AI-powered protection against the latest zero-day and ransomware threats. 

• Cloud Security is powered by machine learning algorithms perfected over more than 10 years. Bitdefender consistently ranks first in independent tests for protection, performance, and usability. Bitdefender was awarded the prestigious AV-Test Best Protection 2017 and AV-Test Best Performance 2017 for achieving the maximum detection score and demonstrating the lowest impact on protected machines in each test conducted throughout the year. 

• Bitdefender GravityZone Portal and goes beyond standard AV protection. It includes Endpoint Risk Analytics to help companies reduce the attack surface by discovering and prioritizing risky OS and software misconfigurations and facilitating continuous security posture improvements. 

• Complete Antimalware and Antivirus provides an advanced combination of Anti-virus/Anti-malware so you only need one security solution, mitigating security breaches, simplifying deployments and reducing expenses. And with more than 10 years of experience and 7 patents, Bitdefender has perfected Machine Learning algorithms to block elusive new threats with minimum false positives. 

• Exploit Defense protects against unknown exploits by identifying and blocking specific exploit techniques in memory that are used to hijack legitimate applications. Bitdefender Advanced Threat Control (ATC) continuously monitors running process for signs of malicious behavior and can detect and block attacks and malware that eluded other security layers.  

• Cloud Security also detects and blocks network attacks such as brute force, password stealers, network exploits and lateral movements. Businesses can enable admins to block known phishing or other malicious websites and scan unknown URLs, including HTTPS, to identify potential threats. 

• For content control, there is the option to block or restrict user access to potentially malicious websites, or it uses categories and schedules to reduce the attack surface and improve productivity. Finally, for device control, Bitdefender Cloud Security allows admins to block or restrict access to certain attachable devices, such as USBs, mitigating the risks of malware being introduced via these devices. 

Features

Bitdefender Endpoint Detection and Response

• Provides clear visibility into indicators of compromise (IOCs) and one-click threat investigation and incident response workflows. MSPs and MSSPs can leverage the new offering to deliver managed detection and response services to organizations that are highly sensitive about their data security.

Security for Virtualized Environments (SVE)

• Designed from the bottom-up for virtualization, SVE allows MSPs to use Central Scan – a      configuration relying on an ultra-lightweight agent that offloads scanning tasks to central dedicated Security Virtual Appliances (SVAs). Also leveraging advanced local and central caching mechanisms, SVE delivers up to 35% better consolidation ratios and up to 17% better application response times than conventional AV/AM solutions, according to LoginVSI tests.

Full Disk Encryption

• Prevents unauthorized access to data and meets rapidly growing customer needs for data security and compliance. It enables admins to implement central key management and      recovery and leverages native technologies for optimum performance.

Bitdefender Patch Management

• Reduces patching efforts and costs, offering a single source of patches for Windows and third-party applications. Patches can be applied automatically to all devices anywhere, both on-site and remote, reducing the window of opportunity for attackers to exploit vulnerable applications.

Bitdefender GravityZone Email Security

• Protects any cloud or on-premises email system from spam, phishing, malware as well as      sophisticated or targeted attacks. The only module available as a standalone security product, it helps MSPs to prevent ransomware, impersonation and fraud attempts. It leverages multiple leading security engines and behavioral technologies to analyze incoming and outgoing email      content, URLs, or attachments.

Bitdefender Advanced Threat Security

• Includes HyperDetect to block attacks at pre-execution with tunable machine learning capabilities, and Sandbox Analyzer for enhanced targeted attack detection. The offering      protects against file-less attacks, PowerShell and other script attacks, and delivers improved threat context and visibility.

Bitdefender GravityZone Security for Exchange

• An add-on for on-premises Exchange servers, Security for Exchange provides powerful defense against spam and phishing attempts. It delivers top-rated antispam and antimalware for mail servers, ensuring a secure messaging and collaboration environment with minimal resource consumption.