ProSight Active Security Monitoring Services and Ransomware DefenseProgent's ProSight Active Security Monitoring services feature behavior-analysis technology to provide advanced protection for endpoints and servers. This modern approach to malware defense addresses the new wave of cyber attacks, like ransomware, which easily avoid detection by traditional signature-based anti-virus (AV) techniques. ProSight ASM gives small and mid-sized companies the benefits of the same AV technology deployed by some of the world's largest enterprises including Walmart, Netflix, Visa, Citi, NASDAQ, and Salesforce. By providing real-time malware blocking, detection, mitigation, recovery and forensics in a single integrated platform, ProSight ASM lowers total cost of ownership, streamlines management, and expedites recovery. The next-generation endpoint protection (NGEP) engine incorporated in ProSight ASM was ranked by Gartner Group as the industry's "most visionary Endpoint Protection Platform."

Progent's ProSight Active Security Monitoring services rely on a low-profile software agent running on every protected device in order to create an active security grid that reacts to potential malware in real time and orchestrates unified defense featuring:

  • Real-time protection for Microsoft Windows, Mac, Linux, iOS and Android devices
  • Support for VMs powered by Hyper-V, VMware vSphere, and Citrix XenServer virtualization platforms
  • In-depth OS-level monitoring
  • Signature-less heuristics and extensive automation
  • Modern behavioral analysis
  • Detection of new generation attacks from all vectors
  • Automated post-attack remediation
  • Single-click rollback to last safe state after ransomware attack
  • Instant and automatic immunization across the entire device grid
  • Real-time visualization of an attack's progression through your network
  • Comprehensive forensics for identifying vulnerabilities
  • Centralized web-accessible management console
  • HIPPA and PCI compliant
ProSight Active Security Monitoring is available as an affordable fixed-cost monthly service, requires no special hardware, and protects onsite, mobile, and cloud-based resources. In case you experience a successful cyber attack, Progent can provide the services of certified data security experts to work as your red team to help you utilize ProSight ASM's advanced tools to contain the intrusion, remove the malware from all affected devices, evaluate the damage, rollback your system to the last known healthy state, and document the source of the attack and its storyline within your network.

ProSight Active Security Monitoring and Today's Threat Landscape
Over 97% of successful malware attacks could have been blocked by modern security tools. But the industry has come to realize that, unfortunately, some attacks will succeed despite the best defenses. The modern security landscape is too filled with bad actors, including state-sponsored cyber criminals, for any enterprise to be entirely safe. With this in mind, ProSight Active Security Monitoring is designed not just to prevent malware from gaining access to your network, but also to react decisively to any detected penetration. This includes immediate isolation of compromised devices, automatic threat removal, machine-speed immunization of all endpoints via device-resident agents, single-click restore to a safe state, and comprehensive forensics to show you how to bolster your security profile to foil future attacks. By delivering leading-edge protection during all phases of a cyber attack, ProSight ASM provides a comprehensive solution for dealing with the increasingly dire security landscape and avoiding the financial and reputation loss associated with a major security breach.

Endpoints such as desktops, notebooks and smartphones are the most susceptible and most commonly attacked elements of an IT network. ProSight Active Security Monitoring services offer a unified endpoint protection (EPP) platform to handle the complete lifecycle of a cyber attack including blocking, identification, remediation, restoration and analytics. Threats managed by ProSight ASM include:

  • File-based attacks like ransomware, trojans, worms, backdoors and payload-based attacks
  • File-less and memory-only attacks without disk-based indicators
  • Document-based attacks incorporated within macros and Office and Adobe files
  • Phishing and spear phishing email-based attacks (which are responsible for more than 90+ of security breaches)
  • Web browser-based attacks embedded in drive-by downloads, Flash, Java, Javascript, VBS, IFrame/HTML5, and plug-ins
  • Live attacks based on scripts like PowerShell, Powersploit, WMI, and VBS
  • Credential-based attacks such as credential-scraping, Mimikatz, and tokens
ProSight ASM's Behavior-based Threat Detection
Older-generation anti-virus (AV) software uses so-called "signature matching" as its primary mechanism for malware detection. With this technique, a distinct file hash, known as a signature, is calculated for every familiar threat. AV programs continually compare incoming data against ever-expanding signature tables, and block anything with a tell-tale signature. The problem with this technique is that new threats are now being generated much faster than AV labs can create and publish signatures. Next-generation AV platforms supplement traditional signature matching with behavior analysis. This technology examines the actions of a possible threat and decides whether the behavior is normal and safe or abnormal and potentially dangerous. For example, does the code in question impact an unusually large number of processes? Does it modify the registry? Does it log keystrokes? Basically, behavior analysis focuses on suspicious activities rather than on a signature, which a hacker can easily nullify just by changing a few inconsequential bytes of malware code.

Prevention: Prior to the Attack
New threats are being manufactured fast enough to overwhelm the capacity of signature-based AV platform providers. The industry has broadly recognized the shortcomings of signature-matching EPP since 2012. Since then things have grown worse quickly enough to quality as a crisis.

ProSight ASM Endpoint Protection Services

Malware production has increased far faster than signature-based AV technology can respond

ProSight ASM uses intelligent cloud-based resources and reputation services from major vendors to block known threats. This combined with deep file inspection and dynamic blacklisting and whitelisting give ProSight ASM an advantage over traditional AV products. However, prevention is only the first stage of modern AV defense. Sophisticated exploits, file-less and script-based attacks routinely slip by signature-matching systems. As an example, malware packers compress attack code to camouflage malicious software so security researchers and AV software are unable to recognize the threat.

Detection and Response: During the Attack
The second part of the EPP lifecycle involves reacting to a cyber attack while the malicious code is executing. ProSight ASM uses next-generation endpoint protection technology to spot malicious activity caused by any threat that breaks through the first line of defense. In order to compromise data, even file-less threats like a memory-based attack perform recognizable activities such as creating an executable file without permission. ProSight ASM's compact agent monitors activity in every protected endpoint device and uses advanced behavioral threat analysis and full execution context to detect new attacks as soon as they start. When an attack is identified, ProSight ASM at once isolates the impacted endpoint from the network to contain the damage. Since the ProSight ASM agent operates autonomously, endpoints remain secured even when they are disconnected from the Internet.

Remediation: After the Attack
After containing an attack, ProSight ASM starts the mitigation phase of protection. When ProSight ASM is integrated with Windows Volume Shadow Copy Service (Windows VSS), changes to data caused by a cyber attack can be automatically rolled back to a trusted state with one click. ProSight ASM also logs any system-level files and settings that were altered by the attack and what files were fixed. Whenever ProSight ASM uncovers a new malware binary, the code is flagged and all devices on the network that are protected by agents are immunized against the new attack. Also, the ProSight ASM management console offers extensive forensics such as an intuitive visualization of the attack's storyline across the network from beginning to end. This audit trail of how an attack progressed through the network helps you assess the damage and highlights vulnerabilities in policies or work habits that should be corrected to avoid future breaches.

ProSight ASM Attack Storyline

ProSight ASM's management console provides a real-time storyline of a threat's path through the network

Download the ProSight Active Security Monitoring Services Datasheet
To view or download a datasheet describing the key features of ProSight Active Security Monitoring, click:
Progent's ProSight Active Security Monitoring Services Datasheet. (PDF - 89 KB)

Additional ProSight Managed Services Available from Progent
In addition to ProSight Active Security Monitoring, Progent's ProSight family of network management services includes other affordable, fixed-price managed services that allow you to outsource key aspects of IT network management including backup and disaster recovery, network infrastructure monitoring and management, email content filtering, VM hosting, and IT documentation management. By partnering with some of the industry's leading technology vendors, Progent can offer small and mid-size businesses the benefits of the same advanced technology used by the world's largest enterprises. Managed services offered by Progent include:

  • ProSight Enhanced Security Protection (ESP): Physical and Virtual Endpoint Protection and Microsoft Exchange Filtering
    ProSight Enhanced Security Protection (ESP) services deliver ultra-affordable multi-layer security for physical and virtual servers, desktops, smartphones, and Microsoft Exchange. ProSight ESP uses contextual security and modern behavior analysis for continuously monitoring and reacting to cyber assaults from all vectors. ProSight ESP delivers two-way firewall protection, penetration alerts, endpoint management, and web filtering via cutting-edge tools packaged within a single agent accessible from a unified console. Progent's data protection and virtualization experts can help your business to design and configure a ProSight ESP deployment that addresses your company's specific requirements and that helps you achieve and demonstrate compliance with legal and industry data security standards. Progent will help you define and configure security policies that ProSight ESP will enforce, and Progent will monitor your network and react to alarms that require immediate action. Progent can also assist your company to set up and verify a backup and restore solution such as ProSight Data Protection Services (DPS) so you can recover quickly from a potentially disastrous cyber attack like ransomware. Learn more about Progent's ProSight Enhanced Security Protection (ESP) unified physical and virtual endpoint protection and Microsoft Exchange filtering.

  • ProSight Data Protection Services: Managed Backup and Recovery
    ProSight Data Protection Services provide small and mid-sized organizations an affordable end-to-end service for secure backup/disaster recovery (BDR). For a fixed monthly price, ProSight DPS automates and monitors your backup processes and enables fast restoration of critical files, apps and VMs that have become lost or damaged due to component failures, software bugs, natural disasters, human error, or malicious attacks such as ransomware. ProSight DPS can help you back up, retrieve and restore files, folders, applications, system images, plus Microsoft Hyper-V and VMware images. Critical data can be protected on the cloud, to an on-promises storage device, or to both. Progent's cloud backup consultants can provide advanced expertise to configure ProSight Data Protection Services to be compliant with regulatory requirements such as HIPPA, FINRA, PCI and Safe Harbor and, when necessary, can help you to recover your business-critical information. Learn more about ProSight Data Protection Services Managed Cloud Backup and Recovery.

  • ProSight Email Guard: Inbound and Outbound Spam Filtering and Data Leakage Protection
    ProSight Email Guard is Progent's spam filtering and email encryption service that uses the technology of leading information security companies to provide centralized control and comprehensive protection for all your inbound and outbound email. The hybrid structure of Email Guard combines cloud-based filtering with a local security gateway device to provide complete protection against spam, viruses, Dos Attacks, Directory Harvest Attacks (DHAs), and other email-borne threats. Email Guard's Cloud Protection Layer acts as a preliminary barricade and keeps the vast majority of unwanted email from reaching your security perimeter. This reduces your exposure to inbound attacks and saves network bandwidth and storage space. Email Guard's onsite gateway appliance adds a deeper layer of analysis for incoming email. For outbound email, the local gateway offers anti-virus and anti-spam protection, policy-based Data Loss Prevention, and email encryption. The on-premises security gateway can also assist Exchange Server to monitor and protect internal email that stays within your corporate firewall. For more information, see Email Guard spam filtering and data leakage protection.

  • ProSight WAN Watch: Infrastructure Management
    ProSight WAN Watch is a network infrastructure monitoring and management service that makes it easy and affordable for small and mid-sized businesses to map out, monitor, optimize and debug their networking appliances such as routers, firewalls, and load balancers plus servers, printers, endpoints and other devices. Using state-of-the-art Remote Monitoring and Management technology, ProSight WAN Watch makes sure that infrastructure topology diagrams are always current, captures and displays the configuration information of almost all devices on your network, monitors performance, and generates alerts when issues are detected. By automating tedious network management activities, ProSight WAN Watch can cut hours off common tasks such as making network diagrams, reconfiguring your network, locating devices that require critical software patches, or resolving performance issues. Learn more about ProSight WAN Watch infrastructure management consulting.

  • ProSight LAN Watch: Server and Desktop Monitoring and Management
    ProSight LAN Watch is Progentís server and desktop remote monitoring service that uses advanced remote monitoring and management techniques to help keep your network running efficiently by checking the health of critical assets that drive your business network. When ProSight LAN Watch detects a problem, an alarm is transmitted immediately to your designated IT management personnel and your Progent engineering consultant so any potential problems can be addressed before they can impact your network. Learn more details about ProSight LAN Watch server and desktop monitoring services.

  • ProSight Virtual Hosting: Hosted VMs at Progent's Tier III Data Center
    With Progent's ProSight Virtual Hosting service, a small business can have its critical servers and applications hosted in a secure Tier III data center on a fast virtual machine host set up and managed by Progent's IT support professionals. With the ProSight Virtual Hosting model, the client retains ownership of the data, the operating system platforms, and the apps. Because the environment is virtualized, it can be moved immediately to a different hosting environment without requiring a time-consuming and difficult reinstallation procedure. With ProSight Virtual Hosting, your business is not locked into a single hosting provider. Find out more details about ProSight Virtual Hosting services.

  • ProSight IT Asset Management: Network Documentation Management
    Progent's ProSight IT Asset Management service is a cloud-based IT documentation management service that allows you to capture, update, find and safeguard information about your IT infrastructure, procedures, business apps, and services. You can quickly locate passwords or serial numbers and be warned about upcoming expirations of SSLs or domains. By cleaning up and organizing your network documentation, you can save up to 50% of time spent trying to find critical information about your network. ProSight IT Asset Management includes a centralized repository for holding and collaborating on all documents required for managing your business network such as standard operating procedures (SOPs) and How-To's. ProSight IT Asset Management also offers advanced automation for collecting and relating IT information. Whether youíre planning improvements, doing regular maintenance, or responding to a crisis, ProSight IT Asset Management gets you the data you require the instant you need it. Read more about Progent's ProSight IT Asset Management service.
Download Progent's 10 Benefits of Managed IT Services White Paper
To view a white paper describing why managed services are rapidly replacing the old break/fix model of network support outsourcing for small and mid-size organizations, click:
10 Benefits of Managed IT Services. (PDF - 710 KB)

ProSight Network Audits
Progent's ProSight Network Audits are a fast and low-cost alternative for small and mid-size organizations to get an unbiased assessment of the health of their IT system. Powered by a selection of the top remote monitoring and management platforms available, and overseen by Progent's world-class team of IT experts, ProSight Network Audits help you see how well the deployment of your core infrastructure assets conform to leading practices. Both the Basic and Advanced versions of ProSight Network Audit services are available at a low, one-time cost and provide immediate benefits such as a cleaner Active Directory environment. Both also include a year of advanced remote network monitoring and management (RMM). Benefits can include lower-cost management, improved compliance with information security standards, higher utilization of network assets, quicker troubleshooting, more dependable backup and recovery, and higher availability. See more about ProSight Network Audits network infrastructure review.

Progent's ProSight Ransomware Preparedness Report Service
The ProSight Ransomware Preparedness Report is a low-cost service built around a phone discussion with a Progent information assurance consultant. The fact-finding interview is designed to evaluate your organization's preparedness either to block ransomware or recover quickly from a ransomware incident. Progent will work with you personally to collect information concerning your existing security profile and backup system, and Progent will then produce a custom Basic Security and Best Practices Report detailing how you can apply industry best practices to create a cost-effective AV and backup system that minimizes your vulnerability to ransomware and meets your business requirements. For details, visit The ProSight Ransomware Preparedness Report.

The Progent Edge
Progent's roster of over 100 IT consultants includes experts who have earned certifications in all facets of network technology associated with small and mid-size businesses. This broad scope of skills positions Progent to be your single point of contact with technology vendors and a reliable source of guidance and troubleshooting know-how to help you manage your business network. Progent has built an especially strong team of data security specialists who can help you protect your information and maximize the business value of your network. Besides the endpoint security offered by ProSight Active Security Monitoring, Progent provides additional managed services and value-priced service packages intended to assist small and mid-size organizations to build and manage networks that deliver enterprise-class security and compliance on a small-business budget.

Progent offers expert support for all endpoints, servers and VMs protected by ProSight Active Security Monitoring. Expertise offered by Progent includes Windows 10 configuration, Linux integration, Mac OS X and macOS support, iPhone and iPad management, Android integration, Windows Hyper-V support, and VMware vSphere planning and support. To implement the single-click rollback feature of ProSight Active Security Monitoring, Progent's Windows Server consultants can assist you to configure Windows Volume Shadow Copy Service. In addition, Progent offers remote and on-premises support from certified Cisco CCIE network infrastructure consultants to help you design, secure, or troubleshoot your infrastructure. If your network makes use of public cloud services, Progent can provide the expertise of Microsoft Azure consultants and Amazon AWS consultants to help you build and manage hybrid networking solutions that seamlessly integrate local and cloud-based resources.

Other Affor5dable Service Packages Available from Progent
In addition to the ProSight suite of network management services, Progent offers affordable, one-time service packages to assist small and mid-size companies to verify compliance with internal or regulatory security requirements. These low-cost services include security vulnerability evaluation and penetration testing. Progent can also provide high-level disaster recovery planning consulting and business continuity planning consulting to help make sure you can resume your business activity as soon as possible following a catastrophe.

Contact Progent about ProSight Active Security Monitoring Services
To find out more about how Progent can help you set up an affordable, fully managed endpoint security solution with ProSight Active Security Monitoring, call 1-800-993-9400 or visit Contact Progent.
















© 2002- 2018 Progent Corporation. All rights reserved.


More topics of interest:
  • ProSight Endpoint Security Troubleshooting Lincoln, CA
  • Endpoint Virus Immunization Remote Technical Support Los Altos, CA
  • CISSP Firewall Support
  • ProSight Endpoint Protection IT Services in Cincinnati
  • Computer Virus Forensics Online Technical Support in St. Paul
  • Independent ProSight Endpoint Protection Troubleshooting