Effective Endpoint Security With Automatic Detection and Response Solutions
- LANGUAGE: English
- DATE: Thursday, January 14, 2021
- TIME: 4:00pm CET, 10:00am EST, 7:00am PST
The realization that cyber-attacks are inevitable has led the cybersecurity industry to shift some of its focus to detection and response rather than prevention in recent years. Therefore, the market for solutions designed to detect attacks on endpoints and respond accordingly has grown significantly. These Endpoint Detection & Response (EDR) solutions look for evidence and effects of malware that may have slipped past Endpoint Protection (EPP) products. EDR tools also evaluate threat intelligence, correlate events, and often allow interactive querying, live memory analysis, and activity recording and playback.
However, the integration of EDR solutions into your security architecture sometimes requires additional software agents, administrative consoles, threat hunting skills, and knowledgeable personnel to manage it all. The solutions can produce vast amounts of complex data that IT teams may have a hard time analyzing, especially when they are under-staffed or don’t have specific threat hunting skills. This may lead to the solution being ineffective at reducing risk to acceptable levels.
Join this webinar to learn about:
- Trends in adversary techniques and why first-generation mitigation and containment methods fail
- MITRE ATT&CK – what it means and how it drives more effective investigations, threat hunts and responses
- Why more sophisticated ML-based detection methods are imperative
- How EDR products are evolving to handle ever-changing threats
- How automation can be applied to reduce Mean Time to Containment and Mean Time to Repair
KuppingerCole Lead Analyst John Tolbert will give his view on the findings of the Market Compass Endpoint Protection, Detection, and Response and explain what they mean to customers striving for improved operations and better security.
He will be joined by Thom Langford, Global Security Advocate at SentinelOne, who will explain how EPP, EDR, and Internet of Things can be integrated into a platform that addresses customer pain points such as security complexity, data overload, too many deployed agents, and the ability to respond to threats in a timely manner.
SentinelOne delivers autonomous endpoint protection through a single agent that successfully prevents, detects and responds to attacks across all major vectors. Designed for extreme ease of use, the S1 platform saves customers time by applying AI to automatically eliminate threats in real time for both on premise and cloud environments and is the only solution to provide full visibility across networks directly from the endpoint. To learn more visit sentinelone.com.