Progent's ProSight Active Security Monitoring services, powered by SentinelOne's behavior-analysis technology, provides advanced protection for endpoints and servers. This modern approach to malware defense addresses the new wave of cyber attacks, like ransomware, which easily avoid detection by traditional signature-based anti-virus (AV) techniques. ProSight ASM gives small and mid-sized companies the benefits of the same AV technology deployed by some of the world's largest enterprises including Walmart, Netflix, Visa, Citi, NASDAQ, and Salesforce. By providing real-time malware blocking, detection, mitigation, recovery and forensics in a single integrated platform, ProSight ASM lowers total cost of ownership, streamlines management, and expedites recovery. The next-generation endpoint protection (NGEP) engine incorporated in ProSight ASM was ranked by Gartner Group as the industry's "most visionary Endpoint Protection Platform." Progent is a SentinelOne Partner, dealer, and integrator.
Progent's ProSight Active Security Monitoring services rely on a low-profile software agent running on every protected device in order to create an active security grid that reacts to potential malware in real time and orchestrates unified defense featuring:
ProSight Active Security Monitoring is available as an affordable fixed-cost monthly service, requires no special hardware, and protects onsite, mobile, and cloud-based resources. In case you experience a successful cyber attack, Progent can provide the services of CISSP-certified cybersecurity experts to work as your red team to help you utilize ProSight ASM's advanced tools to contain the intrusion, remove the malware from all affected devices, evaluate the damage, rollback your system to the last known healthy state, and document the source of the attack and its storyline within your network.
- Real-time protection for Microsoft Windows, Mac, Linux, iOS and Android devices
- Support for VMs powered by Hyper-V, VMware vSphere, and Citrix XenServer virtualization platforms
- In-depth OS-level monitoring
- Signature-less heuristics and extensive automation
- Modern behavioral analysis
- Detection of new generation attacks from all vectors
- Automated post-attack remediation
- Single-click rollback to last safe state after ransomware attack
- Instant and automatic immunization across the entire device grid
- Real-time visualization of an attack's progression through your network
- Comprehensive forensics for identifying vulnerabilities
- Centralized web-accessible management console
- HIPAA and PCI compliant
ProSight Active Security Monitoring and Today's Threat Landscape
Over 97% of successful malware attacks could have been blocked by modern security tools. But the industry has come to realize that, unfortunately, some attacks will succeed despite the best defenses. The modern security landscape is too filled with bad actors, including state-sponsored cyber criminals, for any enterprise to be entirely safe. With this in mind, ProSight Active Security Monitoring is designed not just to prevent malware from gaining access to your network, but also to react decisively to any detected penetration. This includes immediate isolation of compromised devices, automatic threat removal, machine-speed immunization of all endpoints via device-resident agents, single-click restore to a safe state, and comprehensive forensics to show you how to bolster your security profile to foil future attacks. By delivering leading-edge protection during all phases of a cyber attack, ProSight ASM provides a comprehensive solution for dealing with the increasingly dire security landscape and avoiding the financial and reputation loss associated with a major security breach.
Endpoints such as desktops, notebooks and smartphones are the most susceptible and most commonly attacked elements of an IT network. ProSight Active Security Monitoring services offer a unified endpoint protection (EPP) platform to handle the complete lifecycle of a cyber attack including blocking, identification, remediation, restoration and analytics. Threats managed by ProSight ASM include:
ProSight ASM's Behavior-based Threat Detection
- File-based attacks like ransomware, trojans, worms, backdoors and payload-based attacks
- File-less and memory-only attacks without disk-based indicators
- Document-based attacks incorporated within macros and Office and Adobe files
- Phishing and spear phishing email-based attacks (which are responsible for a high percentage of security breaches)
- Live attacks based on scripts like PowerShell, Powersploit, WMI, and VBS
- Credential-based attacks such as credential-scraping, Mimikatz, and tokens
Older-generation anti-virus (AV) software uses so-called "signature matching" as its primary mechanism for malware detection. With this technique, a distinct file hash, known as a signature, is calculated for every familiar threat. AV programs continually compare incoming data against ever-expanding signature tables, and block anything with a tell-tale signature. The problem with this technique is that new threats are now being generated much faster than AV labs can create and publish signatures. Next-generation AV platforms supplement traditional signature matching with behavior analysis. This technology examines the actions of a possible threat and decides whether the behavior is normal and safe or abnormal and potentially dangerous. For example, does the code in question impact an unusually large number of processes? Does it modify the registry? Does it log keystrokes? Basically, behavior analysis focuses on suspicious activities rather than on a signature, which a hacker can easily nullify just by changing a few inconsequential bytes of malware code.
Prevention: Prior to the Attack
New threats are being manufactured fast enough to overwhelm the capacity of signature-based AV platform providers. The industry has broadly recognized the shortcomings of signature-matching EPP since 2012. Since then things have grown worse quickly enough to qualify as a crisis.
Malware production has increased far faster than signature-based AV technology can respond
ProSight ASM uses intelligent cloud-based resources and reputation services from major vendors to block known threats. This combined with deep file inspection and dynamic blacklisting and whitelisting give ProSight ASM an advantage over traditional AV products. However, prevention is only the first stage of modern AV defense. Sophisticated exploits, file-less and script-based attacks routinely slip by signature-matching systems. As an example, malware packers compress attack code to camouflage malicious software so security researchers and AV software are unable to recognize the threat.
Detection and Mitigation: During the Attack
The second part of the EPP lifecycle involves reacting to a cyber attack while the malicious code is executing. ProSight ASM uses next-generation endpoint protection technology to spot malicious activity caused by any threat that breaks through the first line of defense. In order to compromise data, even file-less threats like a memory-based attack perform recognizable activities such as creating an executable file without permission. ProSight ASM's compact agent monitors activity in every protected endpoint device and uses advanced behavioral threat analysis and full execution context to detect new attacks as soon as they start. When an attack is identified, ProSight ASM at once isolates the impacted endpoint from the network to contain the damage. Since the ProSight ASM agent operates autonomously, endpoints remain secured even when they are disconnected from the Internet.
Cleanup: After a Break-in
After containing an attack, ProSight ASM starts the recovery phase of protection. When ProSight ASM is integrated with Windows Volume Shadow Copy Service (Windows VSS), changes to data caused by a cyber attack can be automatically rolled back to a trusted state with one click. ProSight ASM also logs any system-level files and settings that were altered by the attack and what files were fixed. Whenever ProSight ASM uncovers a new malware binary, the code is flagged and all devices on the network that are protected by agents are immunized against the new attack. Also, the ProSight ASM management console offers extensive forensics such as an intuitive visualization of the attack's storyline across the network from beginning to end. This audit trail of how an attack progressed through the network helps you assess the damage and highlights vulnerabilities in policies or work habits that should be corrected to avoid future breaches.
ProSight ASM's management console provides a real-time storyline of a threat's path through the network
Download the ProSight Active Security Monitoring Services Datasheet
To view or download a datasheet describing the key features of ProSight Active Security Monitoring, click:
Progent's ProSight Active Security Monitoring Services Datasheet. (PDF - 89 KB)
Additional ProSight Managed Services Available from Progent
In addition to ProSight Active Security Monitoring, Progent's ProSight family of network management services includes other affordable, fixed-price managed services that allow you to outsource key aspects of IT network management including backup and disaster recovery, network infrastructure monitoring and management, email content filtering, VM hosting, and IT documentation management. By partnering with some of the industry's leading technology vendors, Progent can offer small and mid-size businesses the benefits of the same advanced technology used by the world's largest enterprises. Managed services offered by Progent include:
Download Progent's 10 Benefits of Managed IT Services White Paper
- ProSight Enhanced Security Protection (ESP): Physical and Virtual Endpoint Protection and Exchange Email Filtering
ProSight Enhanced Security Protection (ESP) services offer ultra-affordable in-depth protection for physical servers and virtual machines, workstations, smartphones, and Microsoft Exchange. ProSight ESP uses adaptive security and advanced heuristics for continuously monitoring and reacting to cyber threats from all vectors. ProSight ESP offers firewall protection, intrusion alarms, device control, and web filtering through cutting-edge technologies packaged within one agent managed from a unified console. Progent's data protection and virtualization consultants can assist you to design and configure a ProSight ESP environment that addresses your company's unique needs and that allows you demonstrate compliance with government and industry data protection standards. Progent will assist you define and implement security policies that ProSight ESP will manage, and Progent will monitor your IT environment and respond to alarms that require urgent action. Progent can also assist your company to set up and test a backup and disaster recovery solution like ProSight Data Protection Services (DPS) so you can get back in business quickly from a potentially disastrous cyber attack like ransomware. Learn more about Progent's ProSight Enhanced Security Protection unified physical and virtual endpoint protection and Microsoft Exchange email filtering.
- ProSight Data Protection Services (DPS): Backup and Recovery Services
Progent has partnered with leading backup/restore software companies to create ProSight Data Protection Services, a family of subscription-based offerings that provide backup-as-a-service (BaaS). ProSight DPS services manage and monitor your backup operations and enable non-disruptive backup and fast recovery of important files, applications, system images, and Hyper-V and VMware virtual machines. ProSight DPS helps your business recover from data loss resulting from hardware failures, natural calamities, fire, malware like ransomware, user mistakes, malicious insiders, or application bugs. Managed services in the ProSight DPS portfolio include ProSight DPS Altaro VM Backup, ProSight 365 Total Backup (formerly Altaro 365 Backup), ProSight ECHO Backup based on Barracuda dedicated storage, and ProSight DPS MSP360 Hybrid Backup. Your Progent consultant can assist you to determine which of these managed backup services are most appropriate for your network.
- ProSight Email Guard: Inbound and Outbound Spam Filtering and Data Leakage Protection
ProSight Email Guard is Progent's spam filtering and email encryption service that incorporates the technology of top information security companies to provide centralized control and world-class protection for all your email traffic. The hybrid architecture of Progent's Email Guard managed service integrates a Cloud Protection Layer with an on-premises security gateway appliance to offer advanced defense against spam, viruses, Denial of Service Attacks, Directory Harvest Attacks (DHAs), and other email-based malware. Email Guard's cloud filter serves as a preliminary barricade and blocks most unwanted email from reaching your network firewall. This decreases your vulnerability to inbound threats and conserves system bandwidth and storage space. Email Guard's on-premises security gateway device provides a further level of analysis for inbound email. For outgoing email, the on-premises gateway provides anti-virus and anti-spam filtering, protection against data leaks, and email encryption. The onsite gateway can also help Exchange Server to monitor and safeguard internal email that stays within your security perimeter. For more information, visit ProSight Email Guard spam filtering and data leakage protection.
- ProSight WAN Watch: Infrastructure Management
Progent's ProSight WAN Watch is an infrastructure management service that makes it easy and inexpensive for small and mid-sized businesses to map out, track, reconfigure and troubleshoot their connectivity hardware such as routers and switches, firewalls, and access points plus servers, printers, endpoints and other networked devices. Using cutting-edge Remote Monitoring and Management (RMM) technology, ProSight WAN Watch makes sure that network maps are kept updated, captures and displays the configuration of almost all devices connected to your network, tracks performance, and generates notices when potential issues are detected. By automating tedious network management processes, ProSight WAN Watch can knock hours off common tasks like making network diagrams, expanding your network, locating devices that require important updates, or resolving performance problems. Learn more about ProSight WAN Watch infrastructure monitoring and management consulting.
- ProSight LAN Watch: Server and Desktop Monitoring
ProSight LAN Watch is Progent's server and desktop monitoring service that uses advanced remote monitoring and management technology to keep your network running efficiently by checking the state of critical assets that drive your business network. When ProSight LAN Watch detects an issue, an alarm is sent immediately to your specified IT management staff and your assigned Progent consultant so any looming problems can be resolved before they can disrupt your network. Find out more about ProSight LAN Watch server and desktop remote monitoring consulting.
- ProSight Virtual Hosting: Hosted VMs at Progent's Tier III Data Center
With Progent's ProSight Virtual Hosting service, a small or mid-size organization can have its critical servers and applications hosted in a protected fault tolerant data center on a high-performance virtual host configured and maintained by Progent's network support professionals. With Progent's ProSight Virtual Hosting model, the client retains ownership of the data, the OS software, and the apps. Since the system is virtualized, it can be ported easily to a different hosting environment without requiring a time-consuming and technically risky reinstallation process. With ProSight Virtual Hosting, your business is not tied a single hosting service. Learn more about ProSight Virtual Hosting services.
- ProSight IT Asset Management: Network Documentation Management
ProSight IT Asset Management service is a cloud-based IT documentation management service that makes it easy to create, update, find and protect data related to your network infrastructure, procedures, applications, and services. You can quickly locate passwords or IP addresses and be alerted about upcoming expirations of SSL certificates or domains. By cleaning up and managing your IT infrastructure documentation, you can eliminate as much as 50% of time wasted searching for vital information about your network. ProSight IT Asset Management includes a centralized location for storing and sharing all documents related to managing your network infrastructure like standard operating procedures (SOPs) and self-service instructions. ProSight IT Asset Management also supports advanced automation for collecting and relating IT data. Whether you're making improvements, performing regular maintenance, or responding to an emergency, ProSight IT Asset Management delivers the information you require when you need it. Find out more about ProSight IT Asset Management service.
- Progent Active Protection Against Ransomware: Machine Learning-based Ransomware Detection and Cleanup
Progent's Active Protection Against Ransomware is an endpoint protection managed service that incorporates cutting edge behavior-based machine learning technology to guard endpoint devices and physical and virtual servers against modern malware attacks such as ransomware and file-less exploits, which routinely get by legacy signature-based AV products. Progent Active Security Monitoring services protect local and cloud-based resources and offers a unified platform to manage the entire malware attack progression including protection, detection, containment, remediation, and post-attack forensics. Top capabilities include one-click rollback with Windows Volume Shadow Copy Service and automatic network-wide immunization against new attacks. Find out more about Progent's ransomware defense and recovery services.
- Outsourced/Co-managed Call Center: Help Desk Managed Services
Progent's Help Desk services allow your information technology group to outsource Call Center services to Progent or divide responsibilities for Service Desk support seamlessly between your internal network support group and Progent's nationwide pool of certified IT service technicians, engineers and subject matter experts (SMEs). Progent's Shared Help Desk Service offers a smooth supplement to your corporate IT support organization. User access to the Help Desk, delivery of support, issue escalation, trouble ticket creation and updates, efficiency measurement, and maintenance of the service database are cohesive whether issues are taken care of by your corporate IT support staff, by Progent, or a mix of the two. Find out more about Progent's outsourced/co-managed Help Center services.
- Progent's Patch Management: Software/Firmware Update Management Services
Progent's managed services for software and firmware patch management provide businesses of all sizes a versatile and affordable solution for evaluating, validating, scheduling, implementing, and documenting updates to your dynamic IT system. Besides maximizing the protection and functionality of your computer network, Progent's patch management services allow your IT staff to focus on more strategic initiatives and activities that deliver the highest business value from your network. Read more about Progent's patch management services.
- ProSight Duo Two-Factor Authentication: Access Security, Endpoint Policy Enforcement, and Secure Single Sign-on
Progent's Duo MFA services incorporate Cisco's Duo technology to defend against stolen passwords by using two-factor authentication. Duo enables single-tap identity confirmation with iOS, Android, and other out-of-band devices. Using Duo 2FA, when you sign into a secured online account and give your password you are requested to confirm who you are via a device that only you have and that uses a different network channel. A broad selection of devices can be utilized for this added means of authentication including a smartphone or watch, a hardware token, a landline phone, etc. You may register multiple verification devices. For details about Duo two-factor identity validation services, see Duo MFA two-factor authentication services.
- ProSight Reporting: Real-time Reporting for Ticketing and Network Monitoring Platforms
ProSight Reporting is a growing suite of in-depth reporting utilities created to work with the leading ticketing and network monitoring applications including ConnectWise Manage, ConnectWise Automate, Customer Thermometer, Auvik, and SentinelOne. ProSight Reporting uses Microsoft Graph and features color coding to surface and contextualize critical issues like spotty support follow-up or machines with out-of-date AVs. By identifying ticketing or network health problems clearly and in near-real time, ProSight Reporting improves network value, reduces management hassle, and saves money. For more information, see ProSight Reporting for ticketing and network monitoring platforms.
To view a white paper explaining why managed services are rapidly replacing the old break/fix model of IT support for small and mid-size organizations, click:
10 Benefits of Managed IT Services. (PDF - 710 KB)
ProSight Network Audits
Progent's ProSight Network Audits offer a quick and affordable alternative for small and medium-size businesses to obtain an unbiased evaluation of the health of their information system. Powered by a selection of the leading remote monitoring and management tools in the industry, and supervised by Progent's certified team of IT professionals, ProSight Network Audits show you how well the deployment of your core network devices conform to industry best practices. The Basic and Advanced versions of ProSight Network Audit services are available at a budget-friendly, one-time cost and provide immediate benefits such as a more manageable Active Directory (AD) system. Both versions also include a year of state-of-the-art remote network monitoring and management (RMM). Advantages can include easier management, improved compliance with government and industry security regulations, more efficient utilization of network resources, faster problem resolution, more reliable backup and recovery, and less downtime. See more about ProSight Network Audits IT infrastructure review.
The ProSight Ransomware Preparedness Report
Progent's ProSight Ransomware Preparedness Report is an affordable service based on a phone interview with a Progent information assurance consultant. The interview is designed to evaluate your organization's ability to block ransomware or recover quickly after an attack by a ransomware strain like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, Snatch or Egregor. Progent will work with you directly to collect information concerning your existing cybersecurity posture and backup procedures, and Progent will then deliver a custom Basic Security and Best Practices Report document describing how you can apply industry best practices to create an efficient security and backup system that reduces your vulnerability to a ransomware attack and aligns with your company's requirements. For additional information, see The ProSight Ransomware Preparedness Report Service.
The Progent Edge
Progent's roster of over 100 IT consultants includes experts who have earned certifications in all facets of network technology associated with small and mid-size businesses. This broad scope of skills positions Progent to be your single point of contact with technology vendors and a reliable source of guidance and troubleshooting know-how to help you manage your business network. Progent has built an especially strong team of data security specialists who can help you protect your information and maximize the business value of your network. Besides the endpoint security offered by ProSight Active Security Monitoring, Progent provides additional managed services and value-priced service packages intended to assist small and mid-size organizations to build and manage networks that deliver enterprise-class security and compliance on a small-business budget.
Progent offers expert support for all endpoints, servers and VMs protected by ProSight Active Security Monitoring. Expertise offered by Progent includes Windows 11 planning and migration consulting, Windows 10 configuration, Linux integration, Mac OS X and macOS support, iPhone and iPad management, Android integration, Windows Server 2022 integration expertise, Windows Server 2019 migration consulting, Windows Hyper-V support, and VMware vSphere planning and support. To implement the single-click rollback feature of ProSight Active Security Monitoring, Progent's Windows Server consultants can assist you to configure Windows Volume Shadow Copy Service. In addition, Progent offers remote and on-premises support from certified Cisco CCIE network infrastructure consultants to help you design, secure, or troubleshoot your infrastructure. If your network makes use of public cloud services, Progent can provide the expertise of Microsoft Azure consultants, Amazon AWS consultants, and Google Cloud integration consultants to help you build and manage hybrid networking solutions that seamlessly integrate local and cloud-based resources.
Other Affordable Service Packages Available from Progent
In addition to the ProSight suite of network management services, Progent offers affordable, one-time service packages to assist small and mid-size companies to verify compliance with internal or regulatory security requirements. These low-cost services include security vulnerability evaluation and penetration testing. Progent can also provide high-level disaster recovery planning consulting and business continuity planning consulting to help make sure you can resume your business activity as soon as possible following a catastrophe.
Contact Progent about ProSight Active Security Monitoring Services
To find out more about how Progent can help you set up an affordable, fully managed endpoint security solution with ProSight Active Security Monitoring, call 1-800-993-9400 or visit Contact Progent.