Progent's ProSight Active Security Monitoring (ASM) services feature behavior analysis technology by SentinelOne to provide best-in-class defense for endpoints and virtual and physical servers. This approach to malware defense addresses the new wave of cyber threats, such as crypto-ransomware, which routinely evade detection by conventional signature-based anti-virus (AV) techniques. Progent is a SentinelOne Partner, dealer, and integrator.
ProSight ASM gives small and mid-sized businesses the advantages of the same anti-virus technology used by some of the world's biggest corporations including Walmart, Citi, and NASDAQ. By delivering in-line malware blocking, detection, mitigation, repair and analysis in a single integrated platform, Progent's ASM reduces total cost of ownership, simplifies administration, and promotes rapid recovery. The next-generation endpoint protection (NGEP) built into in Progent's ProSight ASM was listed by Gartner Group as the "most visionary Endpoint Protection Platform (EPP)."
ProSight ASM services rely on a small-footprint software agent loaded on every protected endpoint and server to form a dynamic cybersecurity grid that responds to suspected attacks in real time and orchestrates unified protection that includes:
Progent's ProSight Active Security Monitoring and the Current Threat Landscape
The vast majority of ransomware break-ins could have been deterred by modern security utilities. Unfortunately, some attacks will break through the most well-planned protective measures. The modern security landscape is too crowded with tireless bad actors, including government-sponsored hackers, for any organization to be entirely safe. Given this reality, Progent's ProSight ASM is designed not simply to keep ransomware from breaching your network, but also to respond powerfully to any breach. This entails immediate isolation of compromised devices, AI-based threat removal, machine-speed vaccination of all machines via embedded agents, single-click restore to a pre-attack state and comprehensive forensics to help you understand how to bolster your security profile to foil future attacks. By providing advanced protection during all phases of a malware attack, Progent's ProSight Active Security Monitoring represents an end-to-end platform for surviving the increasingly dangerous cybersecurity environment and escaping the economic and public image loss associated with a serious cybersecurity breach.
Endpoints like PCs, notebooks and phones are the most susceptible and most commonly targeted components of an IT network. Progent's Active Security Monitoring services offer a single endpoint protection platform to handle the complete lifecycle of a malicious attack including blocking, identification, containment, cleanup and analytics. Malware attacks managed by Progent's ProSight ASM include:
Next-generation anti-virus tools reinforce conventional signature matching with behavior analysis. This technique examines the actions of a possible attack and decides if the activity is typical and innocuous or abnormal and possibly threatening. For example, does the software under observation affect an unusually large set of processes? Does it modify the registry? Does it log keystrokes? Essentially, behavior analysis focuses on potentially dangerous activities rather than on a pre-calculated digital signature, which a threat actor can easily get around just by modifying a few bytes of malware software code.
Blocking: Before the Break-in
New malware attacks are being manufactured fast enough to swamp the capacity of signature-style AV software vendors. The market started to acknowledge the shortcomings of signature-matching endpoint protection around 2012. Since then the situation has become worse.
Progent's Active Security Monitoring utilizes intelligent cloud-hosted anti-virus labs and whitelisting/blacklisting services from leading vendors to stop recognized malware attacks. This integrated with deep file analysis and shared blacklisting and whitelisting give Progent's ProSight Active Security Monitoring an edge over traditional AV products. Still, prevention is only the first stage of next-generation anti-virus protection. Modern attacks, file-less and script-dependent malware easily slip by signature-based systems. For instance, attackers often use a packing technique to modify malware code so security labs and AV software are unable to detect the threat.
Recognition and Response: During the Attack
The next phase of the endpoint protection lifecycle involves reacting to an attack while the malicious code is running following a breach. Progent's ASM utilizes advanced endpoint protection techniques to spot malicious activity resulting from any attack that breaks through the first wall of protection. In order to compromise information, even file-free threats like memory-resident assaults carry out red-flag behaviors such as creating an executable file with no authorization. Progent's ProSight Active Security Monitoring's compact resident software agent tracks activity in every enrolled endpoint device and utilizes advanced behavioral analysis and deep activity background to detect new attacks immediately after they start. When an attack is detected, Progent's ProSight ASM immediately quarantines the infected endpoint device from the grid to contain the damage. Because the Progent's ProSight ASM embedded agent operates autonomously, endpoints stay secured even when they are not connected to the Internet.
Remediation: After a Penetration
After isolating an attack, Progent's ProSight Active Security Monitoring begins the restoration phase of protection. When Progent's ASM is implemented with Windows VSS, modifications to data made by a malware assault can be easily returned to a trusted condition with a single click. ProSight ASM also records all system-level files and settings that were changed by the malware and what files were recovered. Any time ProSight Active Security Monitoring detects a new malicious binary, the code is flagged and any devices on the network that are secured by software agents are inoculated against the new assault. In addition, the Progent's ASM management tool provides extensive forensics such as an intuitive display of the assault's storyline throughout the network from start to finish. This history of how an assault progressed through the network helps you to assess the impact and highlights shortcomings in rules or processes that need to be corrected to prevent later breaches.
Download the ProSight ASM Datasheet
To download a PDF datasheet about the major features of Progent's ProSight Active Security Monitoring services, click:
Progent's ProSight ASM Ransomware Protection Datasheet. (PDF - 89 KB)
Contact Progent about ProSight ASM Services
To find out more about how Progent can assist your business set up an economical and effective ransomware protection solution with Progent's ASM service, call