Progent's Active Security Monitoring (ASM) services feature behavior analysis and AI technology by SentinelOne to provide best-in-class defense for endpoints and virtual and physical servers. This approach to malware defense is designed to meet the latest generation of cyber attacks, like ransomware, which easily evade filtering by conventional signature-based AV technology. Progent is a SentinelOne Partner, dealer, and integrator.
Progent's Active Security Monitoring offers small and medium-sized companies the advantages of the identical AV technology implemented by some of the world's biggest enterprises including Netflix, Citi, and NASDAQ. By providing in-line malware blocking, classification, mitigation, repair and analysis in a single integrated platform, Progent's ProSight ASM lowers total cost of ownership, streamlines management, and expedites resumption of operations. The next-generation endpoint protection engine built into in Progent's Active Security Monitoring was listed by Gartner Group as the "most visionary Endpoint Protection Platform (EPP)."
Progent's Active Security Monitoring remote services rely on a small-footprint software agent loaded on each protected endpoint and server in order to create an active security grid that responds to suspected attacks instantly and orchestrates unified defense that includes:
Progent's Active Security Monitoring and the Current Cybersecurity Environment
The vast majority of ransomware breaches could have been deterred by current security tools. Unfortunately, some assaults will break through the most well-planned protective measures. The modern cybersecurity landscape is too crowded with relentless extortionists, including government-sponsored hackers, for any organization to be entirely safe. With this in mind, ProSight Active Security Monitoring is intended not just to keep malware from breaching your network, but also to react powerfully to any detected penetration. This entails instant isolation of infected devices, AI-based threat removal, fast immunization of all machines via embedded agents, single-click rollback to a pre-attack state and extensive forensics to help you understand how to enhance your security posture to foil subsequent attacks. By providing leading-edge protection during all phases of a cyber assault, ProSight ASM represents an end-to-end solution for dealing with the increasingly dangerous security landscape and escaping the economic and reputation loss attendant on a serious security breach.
Endpoints like desktops, notebooks and phones are the most vulnerable and most commonly attacked components of a network. Progent's ProSight Active Security Monitoring services provide a unified endpoint protection (EPP) platform to handle the full lifecycle of a cyber assault including filtering, classification, remediation, cleanup and forensics. Malware attacks managed by Progent's ASM include:
Modern AV platforms reinforce conventional signature matching with behavior analysis. This technology examines the activity of a possible threat and determines if the activity is typical and innocuous or abnormal and possibly dangerous. For example, does the software in question impact an unusually large set of processes? Does it alter the registry? Does it log keystrokes? Basically, behavior monitoring focuses on suspicious actions rather than on a fixed signature, which a cyber criminal can quickly get around simply by changing a few bytes of malware software code.
Blocking: Before the Breach
Zero-day threats are being manufactured quickly enough to overwhelm the ability of signature-based AV platform providers. The market began to recognize the shortcomings of signature-matching endpoint protection around 2012. Since that time the situation has grown more serious.
ProSight Active Security Monitoring uses modern cloud-based AV centers and reputation services from leading providers to stop known threats. This combined with deep file analysis and dynamic blacklisting and whitelisting give Progent's ProSight Active Security Monitoring an advantage over traditional anti-virus products. However, prevention is only the initial line of modern anti-virus defense. Sophisticated attacks, file-less and script-based malware easily slip by signature-matching defenses. As an example, hackers often use a so-called packing technique to compress a malicious file's format so cybersecurity researchers and AV software can't detect the attack.
Recognition and Response: During the Assault
The next phase of the EPP lifecycle involves reacting to a cyber attack while the malicious code is executing after a break-in. Progent's ASM uses advanced EPP technology to detect malware activity resulting from any threat that penetrates the first wall of protection. In order to modify data, even file-free threats like memory-resident assaults carry out red-flag behaviors such as creating an executable file with no authorization. Progent's ProSight Active Security Monitoring's small-footprint embedded software agent monitors activity in every protected endpoint and uses advanced behavioral analysis and deep execution background to recognize new attacks immediately after they occur. When an attack is detected, Progent's ProSight Active Security Monitoring at once isolates the infected endpoint from the grid to minimize the damage. Since the Progent's ProSight Active Security Monitoring embedded agent operates autonomously, endpoint devices stay secured even when they are not connected to the Internet.
Recovery: After a Penetration
After containing a malware attack, Progent's ASM initiates the cleanup process. When Progent's ProSight ASM is integrated with Microsoft Windows Volume Shadow Copy Service (Windows VSS), changes to data caused by a cyber assault can be automatically returned to a trusted condition with one click. Progent's ASM also records any system-level files and configurations that were altered by the assault and what files were fixed. If ProSight ASM uncovers a new malware binary, the malware code is tagged and any devices on the grid that are protected by ASM agents are immunized against the latest attack. In addition, the Progent's ProSight ASM management tool includes extensive forensics like an informative display of the attack's progress across the network from start to finish. This audit trail of how an attack progressed through the network helps you to evaluate the impact and uncovers vulnerabilities in policies or processes that should be corrected to avoid future break-ins.
Download the ProSight ASM Datasheet
To download a PDF datasheet about the key features of Progent's ASM services, click:
Progent's ProSight Active Security Monitoring Ransomware Protection Services Datasheet. (PDF - 89 KB)
Contact Progent about ProSight ASM Services
To learn more information about how Progent can help you set up an affordable and effective crypto-ransomware defense system with ProSight Active Security Monitoring service, call