Progent's ProSight Active Security Monitoring services include behavior analysis heuristics by SentinelOne to offer best-in-class protection for endpoints and servers. This approach to malware defense addresses the new generation of cyber attacks, such as ransomware, which easily evade detection by legacy signature-based anti-virus techniques. Progent is a SentinelOne Partner, reseller, and integrator.
Progent's ProSight Active Security Monitoring offers small and mid-sized companies the benefits of the same anti-virus tools used by many of the world's largest corporations such as Walmart, Citi, and Salesforce. By providing in-line malware blocking, classification, mitigation, repair and forensics in a single integrated platform, Progent's ProSight Active Security Monitoring reduces TCO, simplifies administration, and expedites resumption of operations. The next-generation endpoint protection engine incorporated in Progent's ASM was listed by Gartner Group as the "most visionary Endpoint Protection Platform."
ProSight Active Security Monitoring online services utilize a low-profile software agent loaded on every enrolled device in order to form an active security matrix that reacts to suspected malware in real time and sets into play unified defense that includes:
Progent's ASM and the Current Cybersecurity Environment
Most ransomware break-ins could have been blocked by modern cybersecurity utilities. Unfortunately, some assaults will break through the most well-planned protective measures. The modern security landscape is too filled with relentless bad actors, including government-sponsored hackers, for any organization to consider itself entirely safe. Given this reality, ProSight Active Security Monitoring is intended not just to prevent malware from gaining access to your network, but also to respond powerfully to any detected penetration. This includes immediate isolation of compromised machines, automatic threat removal, machine-speed inoculation of all endpoints by means of local agents, single-click rollback to a pre-attack state and extensive forensic analysis to help you understand how to bolster your security posture to ward off future attacks. By providing leading-edge defenses during all facets of a malware attack, ProSight ASM represents an end-to-end solution for dealing with today's increasingly dangerous security environment and avoiding the financial and public image loss attendant on a serious security breach.
Endpoint devices like desktops, laptops and phones are the most vulnerable and most commonly attacked elements of an IT network. ProSight ASM services provide a single endpoint protection platform to handle the full lifecycle of a cyber attack including filtering, identification, containment, recovery and analytics. Threats recognized by Progent's Active Security Monitoring include:
Next-generation anti-virus tools reinforce conventional signature matching with behavior monitoring. This approach tracks the activity of a potential threat and decides whether the behavior is typical and safe or unusual and potentially dangerous. For example, does the code in question impact an exceptionally large number of processes? Does it alter the registry? Does it copy keystrokes? Basically, behavior analysis concentrates on suspicious activities instead of on a fixed signature, which a cyber criminal can easily get around just by modifying a few bytes of malicious code.
Blocking: Prior to the Break-in
Zero-day malware attacks are being developed quickly enough to overwhelm the capacity of signature-based AV platform providers. The industry started to recognize the limitations of signature-matching endpoint protection about a decade ago. Since then things have grown more serious.
Progent's ASM uses intelligent cloud-based AV centers and reputation services from leading vendors to stop recognized malware attacks. This combined with deep file analysis and dynamic blacklisting and whitelisting give Progent's ASM an edge over traditional anti-virus products. Still, prevention is only the initial phase of modern anti-virus protection. Sophisticated attacks, file-less and script-based malware easily slip by signature-matching defenses. As an example, cyber criminals often employ a packing tool to modify a malicious file's format so cybersecurity labs and AV software are unable to recognize the threat.
Recognition and Mitigation: During the Attack
The next phase of the endpoint protection lifecycle involves responding to an attack while the malware code is running following a breach. Progent's ProSight Active Security Monitoring uses advanced endpoint protection techniques to spot malicious activity resulting from any attack that penetrates the initial line of defense. In order to modify data, even file-less threats like memory-based malware carry out suspicious behaviors such as creating an executable file without permission. Progent's ASM's compact resident software agent monitors activity in every enrolled endpoint and uses modern behavioral threat analysis and deep activity background to recognize new assaults immediately after they occur. After an attack is identified, Progent's ProSight Active Security Monitoring immediately isolates the impacted endpoint device from the network to minimize the damage. Because the ProSight Active Security Monitoring software agent operates independently, endpoint devices remain secured even if they are disconnected from the Internet.
Recovery: After a Break-in
After isolating a malware assault, Progent's ProSight ASM begins the recovery phase of protection. If ProSight Active Security Monitoring is implemented with Windows Volume Shadow Copy Service (Windows VSS), changes to data made by a cyber assault can be automatically rolled back to a trusted state with a single click. Progent's Active Security Monitoring also records any system-level files and settings that were altered by the malware and what files were restored. If ProSight Active Security Monitoring uncovers a recent malicious binary, the code is tagged and all devices on the system that are protected by software agents are immunized against the new attack. Also, the Progent's Active Security Monitoring management tool offers extensive forensics like an informative visualization of the assault's progress throughout the targeted network from beginning to end. This audit trail of how an assault progressed within the network assists you to assess the impact and uncovers shortcomings in policies or processes that should be corrected to prevent future breaches.
Download the ProSight Active Security Monitoring Datasheet
To download a PDF datasheet describing the key features and benefits of Progent's ProSight Active Security Monitoring services, click:
Progent's ProSight ASM Ransomware Protection Datasheet. (PDF - 89 KB)
Contact Progent about ProSight ASM Services
To learn more about ways Progent can assist your business set up an economical and efficient crypto-ransomware protection solution with Progent's Active Security Monitoring service, call