Progent's Active Security Monitoring (ASM) services feature advanced behavior analysis technology to provide best-in-class defense for all endpoints and servers. This modern approach to malware defense addresses the new wave of cyber attacks, such as ransomware, which easily avoid detection by conventional signature-matching AV techniques.
Progent's ProSight ASM offers small and mid-sized businesses the advantages of the identical anti-virus technology used by many of the world's biggest enterprises such as Netflix, Visa, and Salesforce. By providing in-line malware blocking, identification, containment, repair and analysis in a single integrated platform, Progent's ASM cuts total cost of ownership, simplifies management, and promotes rapid recovery. The next-generation endpoint protection (NGEP) built into in Progent's ProSight Active Security Monitoring was ranked by Gartner Group as the "most visionary Endpoint Protection Platform (EPP)."
ProSight ASM services rely on a low-profile agent running on each protected device to form an active cybersecurity matrix that reacts to suspected attacks in real time and orchestrates unified defense that includes:
ProSight ASM and the Current Threat Environment
Over 97% of ransomware breaches could have been prevented by current security utilities. Unfortunately, some attacks will break through the most well-planned defenses. Today's security environment is too filled with tireless extortionists, including state-funded cyber criminals, for any enterprise to consider itself impregnable. With this in mind, Progent's Active Security Monitoring is intended not just to prevent malware from establishing a foothold on your information network, but also to react decisively to any detected penetration. This includes immediate isolation of infected devices, automatic threat removal, fast vaccination of all machines via embedded agent software, one-click rollback to a safe state and comprehensive forensic analysis to help you understand how to enhance your security profile to foil future attacks. By delivering leading-edge protection during all facets of a cyber assault, Progent's ProSight ASM represents an end-to-end solution for surviving the increasingly dangerous security landscape and avoiding the financial and reputation loss associated with a major cybersecurity exploit.
Endpoint devices such as desktops, laptops and smartphones are the most susceptible and most commonly attacked elements of a network. Progent's Active Security Monitoring services offer a unified endpoint protection (EPP) solution to handle the full lifecycle of a cyber assault including blocking, classification, remediation, cleanup and analytics. Threats recognized by Progent's Active Security Monitoring include:
Modern anti-virus tools reinforce traditional signature matching with behavior analysis. This approach tracks the actions of a possible threat and decides whether the activity is normal and safe or unusual and potentially dangerous. For instance, does the software under observation impact an unusually large set of processes? Does it modify the registry? Does it save keystrokes? Essentially, behavior analysis focuses on potentially dangerous actions instead of on a fixed signature, which a cyber criminal can quickly nullify simply by changing a few inconsequential bytes of malicious code.
Blocking: Prior to the Breach
Novel threats are being created quickly enough to overwhelm the ability of signature-style anti-virus platform providers. The industry began to acknowledge the limitations of signature-matching EPP about a decade ago. Since then things have become worse.
Progent's ASM uses modern cloud-hosted anti-virus centers and whitelisting/blacklisting services from leading providers to block recognized malware attacks. This integrated with deep file inspection and shared blacklisting and whitelisting give ProSight ASM an edge over old-school AV products. However, prevention is only the first phase of modern AV protection. Sophisticated attacks, file-less and script-dependent malware routinely slip by signature-based defenses. For example, hackers often employ a so-called packing technique to modify malware code so cybersecurity researchers and AV software can't detect the attack.
Detection and Mitigation: During the Assault
The second phase of the endpoint protection lifecycle involves responding to a cyber attack while the malicious code is running after a break-in. Progent's ASM uses advanced endpoint protection technology to spot malware activity caused by any attack that breaks through the initial wall of protection. In order to compromise data, even file-free attacks such as memory-based malware perform red-flag actions like as creating an executable file without permission. ProSight Active Security Monitoring's small-footprint resident agent tracks activity in every enrolled endpoint and utilizes advanced behavioral analysis and deep activity background to detect new attacks as soon as they occur. After an assault is identified, Progent's Active Security Monitoring immediately quarantines the affected endpoint device from the grid to minimize the impact. Because the ProSight ASM embedded agent operates independently, endpoint devices remain secured even if they are not connected to the Internet.
Cleanup: After a Penetration
After isolating a malware assault, ProSight Active Security Monitoring initiates the cleanup phase of protection. If Progent's ASM is integrated with Windows Volume Shadow Copy Service, modifications to data made by a cyber attack can be quickly returned to a safe state with one click. Progent's ASM also logs any system files and settings that were altered by the assault and what files were fixed. If ProSight ASM detects a recent malicious binary, the code is flagged and all devices on the grid that are protected by agents are immunized against the latest attack. In addition, the Progent's ProSight Active Security Monitoring management console offers extensive forensics such as an intuitive display of the attack's progress across the targeted network from beginning to end. This audit trail of how an attack travelled within the network assists you to evaluate the impact and uncovers shortcomings in security policies or work habits that need to be rectified to prevent later breaches.
Download the ProSight ASM Datasheet
To download or read a PDF datasheet about the major features of Progent's ProSight Active Security Monitoring services, click:
ProSight Active Security Monitoring Ransomware Protection Datasheet. (PDF - 89 KB)
Contact Progent about ProSight Active Security Monitoring Services
To find out more about how Progent can assist you create an affordable and effective crypto-ransomware defense system with Progent's ProSight Active Security Monitoring service, call