Progent's ProSight Active Security Monitoring services incorporate behavior-based detection technology from SentinelOne to provide endpoint and server protection from modern malware attacks such as ransomware, which have demonstrated the ability to evade legacy, signature-based anti-virus defenses. ProSight ASM gives small and mid-sized organizations access to the same threat protection platform used by leading enterprises including Walmart, Netflix, Visa, Citi, NASDAQ, Salesforce and others. By delivering real-time threat prevention, detection, removal and recovery in one unified package, ProSight ASM cuts ownership costs, simplifies management, and speeds up recovery. SentinelOne's next-generation endpoint protection (NGEP) technology used by ProSight ASM was rated by Gartner Group as the most visionary Endpoint Protection Platform in the industry. Progent is a SentinelOne Partner, reseller, and integrator.
Progent's ProSight Active Security Monitoring services utilize a low-overhead agent installed on each protected endpoint and server to build a cohesive security grid that responds to threats at machine speed and allows coordinated and decisive incident response featuring:
Progent's GIAC-certified information assurance consultants and CISSP-certified cybersecurity and compliance experts have earned the security industry's top certifications including CISSP, CISA, GIAC, CISM and ISSAP. With 20 years of experience providing IT security and compliance solutions to organizations of all sizes, Progent has the skills required to help any business to deploy cutting-edge endpoint protection (EPP) technology effectively and affordably. By partnering with leading information security companies, Progent can offer the ProSight Active Security Monitoring package to small and mid-size businesses for enterprise-class threat protection on a small-business budget.
- Protection for Windows, Mac OS X and macOS, Linux, iOS and Android endpoints and servers
- Support for Windows Hyper-V, VMware vSphere, and Citrix XenServer virtual environments
- Deep system-level monitoring
- Signature-less machine learning and intelligent automation
- Behavioral analysis and detection of advanced attacks across all vectors
- Full remediation with auto-removal of detected attacks
- Single-click rollback from ransomware and other attacks
- Automatic, network-wide immunization
- Real-time visualization of the attack storyline for comprehensive forensics
- Unified control via a single management console
- HIPAA and PCI certification
Progent offers ProSight Active Security Monitoring as a low-cost, flat-rate monthly service. A software-only EPP solution, ProSight ASM requires no special hardware or other costly upfront investment. ProSight ASM can provide protection for both on-premises and cloud-based resources. In the event that you suffer an attack, Progent is qualified to act as your red team to help you use ProSight ASM to contain and remove the threat, assess the damage, rollback your network to a healthy state, and understand the source and spread of the malware.
ProSight Active Security Monitoring and the Modern Threat Landscape
97% of data breaches could have been prevented by current security technology, but some successful attacks are inevitable. Sometimes the crooks win. ProSight Active Security Monitoring is designed around the premise that even with the best security technology, you may eventually suffer a breach. For this reason ProSight ASM not only provides malware blocking based on traditional static, signature-based prevention, but also dynamic detection of malware and exploits that have penetrated your network, fast isolation of infected devices, automatic removal of threats, near real-time immunization of all endpoints, single-click recovery (such as a rollback to a pre-ransomware state), and rich forensics to help you understand and eliminate your vulnerability.
By offering best-of-breed technology for before, during and after an attack, ProSight ASM delivers an end-to-end solution for addressing the realities of the modern security landscape and minimizing or eliminating financial, productivity and reputation loss in case of a breach.
Endpoints are the most vulnerable and most frequently targeted component of an information network. ProSight Active Security Monitoring services offer a single, integrated platform to manage the entire threat lifecycle including protection, detection, response and remediation. Threats addressed by ProSight ASM include:
ProSight ASM's Behavior-based Threat Analysis
- File-based malware such as ransomware, trojans, worms, backdoors and payload-based attacks
- File-less and memory-only malware with no disk-based indicators
- Document-based exploits embedded in Office and Adobe files, and macros
- Phishing and spear phishing emails (which account for over 90+ of successful data breaches)
- Live attacks based on scripts like PowerShell, Powersploit, WMI, and VBS
- Credential-based attacks including credential-scraping, Mimikatz, and tokens
Traditional anti-virus tools use signature matching as their main defense. A unique file hash, or signature, is generated for each known threat, and potential threats are checked against a continually updated table of signatures. The flaw in this approach is that the speed and volume of new threats far outpace the anti-virus industry's ability to generate and distribute signatures. In contrast, modern behavior analysis looks at the activities of a potential threat and determines whether it behaves abnormally. For example, does it impact a large number of processes? Does it alter the registry? Does it install a keystroke logger? In essence, behavior analysis uses suspicious activities to create a kind of meta signature that can't be changed by a hacker simply by altering a few irrelevant bytes of code to escape detection.
Prevention: Before the Attack
With nation-state intelligence agencies joining the ranks of professional and amateur hackers, new malware is being developed far faster than the ability of anti-virus providers to write new signatures. The limitations of signature-matching endpoint protection has been recognized since around 2012 and its inadequacy is now an accepted tenet of IT security.
Malware production has increased beyond the capacity of traditional signature-based AV technology to block it
ProSight ASM utilizes low-overhead cloud intelligence and reputation services from multiple vendors to filter known malware. Deep file inspection plus dynamic blacklisting and whitelisting help make ProSight ASM a significant improvement over legacy anti-virus platforms, but prevention is only the first line of defense. Advanced exploits, file-less malware and script-based attacks can sneak past signature-matching barriers. For example, so-called "packers" compress code to disguise malware data so it can't be read by security researchers or malware blocking programs.
Detection and Response: During the Attack
The second phase of endpoint protection involves dealing with malware while it is executing. ProSight ASM uses next-generation endpoint protection (NGEP) technology to detect malicious behavior from any malware that gets through the automated blacklisting process. Even in the case of advanced file-less malware such as application and memory-based attacks, the malicious code must perform certain recognizable activities (e.g., creating an executable file without permission) if it is to compromise data. ProSight ASM's lightweight agent watches all activity in each protected endpoint and uses state-of-the-art behavioral threat analysis and full execution context to identify new attacks at inception. When an attack is discovered, ProSight ASM immediately disconnects the affected device from the network to contain the threat. Because the ProSight ASM agent is autonomous, devices stay protected even when they are not connected to the Internet.
Remediation: After the Attack
Once an attack is contained, ProSight ASM begins policy-based mitigation. When you use ProSight ASM in conjunction with Windows Volume Shadow Copy Service, modifications to data made by the malware attack can be rolled back automatically with a single click. ProSight ASM also logs whatever system-level files and settings were changed by the attack and what were remediated. Whenever ProSight ASM detects a new malicious binary, the threat is flagged and all protected agents on the network are immediately immunized against the attack. In addition, the ProSight ASM management console provides in-depth forensics, which include a clear visualization of the attack's progress through the network from inception to termination. This real-time audit trail of what happened during the attack exposes weaknesses that need to be addressed in your security strategy and answers questions like: How did the attack enter our network? Which employee or guest opened the malware file? What did the malware change on our network?
ProSight ASM's management console provides a real-time view of threats from inception to termination
Download the ProSight Active Security Monitoring Datasheet
To download a PDF datasheet describing the key features of ProSight Active Security Monitoring, click:
Progent's ProSight Active Security Monitoring Services Datasheet. (PDF - 89 KB)
Other ProSight Managed Services Available from Progent
In addition to ProSight Active Security Monitoring, Progent's ProSight suite of network management services includes other budget-friendly, flat-rate managed services that address key aspects of your IT network including backup and disaster recovery, network infrastructure monitoring and management, and email content filtering. By partnering with some of the industry's most innovative technology vendors, Progent can offer small and mid-size organizations the benefits of the same advanced technology used by the world's largest enterprises. Managed services offered by Progent include:
Download Progent's 10 Benefits of Managed IT Services White Paper
- ProSight Enhanced Security Protection: Endpoint Security and Exchange Filtering
ProSight Enhanced Security Protection (ESP) managed services offer economical in-depth protection for physical servers and virtual machines, desktops, mobile devices, and Exchange Server. ProSight ESP utilizes adaptive security and advanced machine learning for continuously monitoring and responding to security threats from all vectors. ProSight ESP provides two-way firewall protection, intrusion alarms, endpoint control, and web filtering through cutting-edge technologies packaged within one agent managed from a unified control. Progent's data protection and virtualization experts can help your business to design and configure a ProSight ESP deployment that addresses your company's specific requirements and that helps you prove compliance with legal and industry data protection standards. Progent will help you define and implement security policies that ProSight ESP will manage, and Progent will monitor your network and react to alerts that call for urgent action. Progent's consultants can also assist you to install and verify a backup and restore system such as ProSight Data Protection Services (DPS) so you can get back in business rapidly from a potentially disastrous cyber attack like ransomware. Learn more about Progent's ProSight Enhanced Security Protection unified physical and virtual endpoint protection and Microsoft Exchange filtering.
- ProSight Data Protection Services (DPS): Managed Backup and Disaster Recovery Services
Progent has partnered with advanced backup/restore technology providers to create ProSight Data Protection Services, a family of offerings that provide backup-as-a-service. ProSight DPS products automate and monitor your data backup operations and enable non-disruptive backup and fast restoration of important files, applications, images, and virtual machines. ProSight DPS lets your business avoid data loss caused by equipment failures, natural calamities, fire, cyber attacks like ransomware, user error, malicious insiders, or application glitches. Managed services available in the ProSight DPS portfolio include ProSight DPS Altaro VM Backup, ProSight 365 Total Backup (formerly Altaro 365 Backup), ProSight DPS ECHO Backup based on Barracuda purpose-built hardware, and ProSight MSP360 Hybrid Backup. Your Progent service representative can assist you to determine which of these fully managed backup services are best suited for your IT environment.
- ProSight Email Guard: Inbound and Outbound Spam Filtering and Data Leakage Protection
ProSight Email Guard is Progent's spam filtering service that incorporates the infrastructure of leading information security vendors to provide web-based control and comprehensive protection for your inbound and outbound email. The powerful structure of Email Guard combines a Cloud Protection Layer with an on-premises security gateway device to provide advanced protection against spam, viruses, Denial of Service Attacks, DHAs, and other email-borne malware. Email Guard's Cloud Protection Layer serves as a first line of defense and keeps most unwanted email from making it to your network firewall. This reduces your vulnerability to external threats and conserves network bandwidth and storage. Email Guard's on-premises gateway appliance provides a deeper level of inspection for inbound email. For outbound email, the on-premises gateway provides anti-virus and anti-spam filtering, DLP, and email encryption. The on-premises security gateway can also assist Exchange Server to monitor and safeguard internal email that stays within your security perimeter. For more details, see Email Guard spam filtering and data leakage protection.
- ProSight WAN Watch: Network Infrastructure Management
ProSight WAN Watch is an infrastructure management service that makes it simple and inexpensive for small and mid-sized organizations to map, monitor, enhance and debug their networking appliances like routers and switches, firewalls, and access points as well as servers, client computers and other networked devices. Incorporating cutting-edge RMM technology, ProSight WAN Watch makes sure that network maps are always current, captures and displays the configuration information of almost all devices on your network, tracks performance, and sends alerts when issues are detected. By automating time-consuming network management activities, WAN Watch can cut hours off ordinary chores like making network diagrams, expanding your network, finding devices that require important software patches, or resolving performance bottlenecks. Learn more about ProSight WAN Watch network infrastructure management consulting.
- ProSight LAN Watch: Server and Desktop Remote Monitoring
ProSight LAN Watch is Progent's server and desktop monitoring managed service that incorporates state-of-the-art remote monitoring and management (RMM) techniques to keep your network running efficiently by checking the health of critical assets that power your business network. When ProSight LAN Watch uncovers a problem, an alert is transmitted immediately to your designated IT personnel and your Progent engineering consultant so any potential issues can be addressed before they have a chance to impact productivity. Find out more about ProSight LAN Watch server and desktop monitoring consulting.
- ProSight Virtual Hosting: Hosted VMs at Progent's World-class Data Center
With ProSight Virtual Hosting service, a small organization can have its critical servers and applications hosted in a protected fault tolerant data center on a high-performance virtual machine host set up and maintained by Progent's IT support experts. With Progent's ProSight Virtual Hosting service model, the client retains ownership of the data, the OS software, and the applications. Because the system is virtualized, it can be moved easily to a different hardware solution without a lengthy and difficult configuration process. With ProSight Virtual Hosting, you are not locked into one hosting service. Learn more about ProSight Virtual Hosting services.
- ProSight IT Asset Management: Network Documentation Management
Progent's ProSight IT Asset Management service is an IT infrastructure documentation management service that allows you to create, update, retrieve and protect information about your network infrastructure, processes, business apps, and services. You can quickly locate passwords or IP addresses and be warned about upcoming expirations of SSL certificates or domains. By updating and managing your IT documentation, you can eliminate up to half of time thrown away trying to find vital information about your network. ProSight IT Asset Management features a centralized repository for holding and sharing all documents required for managing your network infrastructure such as recommended procedures and How-To's. ProSight IT Asset Management also offers advanced automation for gathering and relating IT data. Whether you're making improvements, performing regular maintenance, or responding to a crisis, ProSight IT Asset Management delivers the data you require the instant you need it. Learn more about Progent's ProSight IT Asset Management service.
- Progent Active Defense Against Ransomware: AI-based Ransomware Identification and Cleanup
Progent's Active Defense Against Ransomware is an endpoint protection service that utilizes cutting edge behavior-based analysis technology to guard endpoints as well as servers and VMs against modern malware assaults like ransomware and email phishing, which easily escape legacy signature-based anti-virus tools. Progent Active Security Monitoring services safeguard local and cloud resources and offers a single platform to manage the complete threat progression including protection, identification, mitigation, remediation, and forensics. Key capabilities include single-click rollback using Windows VSS and automatic system-wide immunization against new threats. Read more about Progent's ransomware protection and cleanup services.
- Progent's Outsourced/Shared Help Center: Call Center Managed Services
Progent's Support Center services allow your information technology team to outsource Support Desk services to Progent or divide activity for Help Desk services transparently between your in-house network support staff and Progent's nationwide pool of IT support engineers and subject matter experts. Progent's Co-managed Service Desk provides a transparent supplement to your internal network support team. User interaction with the Service Desk, provision of support, problem escalation, ticket generation and updates, performance measurement, and management of the support database are consistent regardless of whether issues are resolved by your in-house network support group, by Progent's team, or a mix of the two. Find out more about Progent's outsourced/co-managed Help Center services.
- Progent's Patch Management: Patch Management Services
Progent's managed services for patch management provide businesses of any size a flexible and affordable solution for assessing, validating, scheduling, applying, and documenting updates to your ever-evolving IT system. Besides optimizing the security and functionality of your computer network, Progent's software/firmware update management services free up time for your in-house IT team to concentrate on line-of-business projects and activities that derive the highest business value from your network. Find out more about Progent's patch management support services.
- ProSight Duo Two-Factor Authentication: Access Security, Endpoint Remediation, and Protected Single Sign-on (SSO)
Progent's Duo MFA service plans utilize Cisco's Duo technology to protect against password theft by using two-factor authentication (2FA). Duo enables one-tap identity confirmation with iOS, Google Android, and other personal devices. Using Duo 2FA, whenever you sign into a protected online account and enter your password you are asked to verify who you are on a unit that only you have and that uses a separate network channel. A wide selection of devices can be utilized as this added form of authentication such as an iPhone or Android or watch, a hardware/software token, a landline telephone, etc. You can register several validation devices. For more information about Duo two-factor identity authentication services, refer to Cisco Duo MFA two-factor authentication services for access security.
- ProSight Reporting: Real-time and In-depth Reporting for Ticketing and Network Monitoring Platforms
ProSight Reporting is a growing line of real-time reporting plug-ins created to integrate with the industry's leading ticketing and network monitoring programs including ConnectWise Manage, ConnectWise Automate, Customer Thermometer, Auvik, and SentinelOne. ProSight Reporting uses Microsoft Graph and features color coding to highlight and contextualize critical issues like inconsistent support follow-through or machines with missing patches. By identifying ticketing or network health problems concisely and in near-real time, ProSight Reporting enhances productivity, reduces management overhead, and saves money. For details, visit ProSight Reporting for ticketing and network monitoring platforms.
To view a white paper explaining why managed services are rapidly takingthe place of the traditional break/fix model of IT support outsourcing for small and mid-size companies, click:
10 Benefits of Managed IT Services. (PDF - 710 KB)
ProSight Network Audits
Progent's ProSight Network Audits offer a quick and low-cost alternative for small and mid-size organizations to get an unbiased evaluation of the health of their information system. Based on a selection of the leading remote monitoring and management tools available, and supervised by Progent's certified team of IT professionals, ProSight Network Audits show you how closely the configuration of your core infrastructure devices conform to industry leading practices. Both the Basic and Advanced versions of ProSight Network Audit services are available at a budget-friendly, one-time cost and deliver immediate ROI like a cleaner Active Directory (AD) system. Both versions also include one year of state-of-the-art remote network monitoring and management (RMM). Benefits can include easier network management, improved compliance with government and industry security regulations, higher utilization of IT assets, faster troubleshooting, more reliable backup and restore, and less downtime. See more information about Progent's ProSight Network Audits IT infrastructure review.
Progent's ProSight Ransomware Preparedness Report Service
The ProSight Ransomware Preparedness Report is an affordable service centered on a brief phone interview with a Progent information assurance expert. The fact-finding interview is designed to help evaluate your company's ability to defend against ransomware or recover quickly after an attack by a ransomware strain like Ryuk, Maze, Sodinokibi, Netwalker, Phobos, LockBit or Nephilim. Progent will consult with you personally to collect information about your existing antivirus tools and backup/recovery procedures, and Progent will then deliver a written Basic Security and Best Practices Report document describing how you can apply best practices to deploy a cost-effective AV and backup environment that reduces your exposure to a ransomware attack and aligns with your business requirements. For additional information, see The ProSight Ransomware Preparedness Report Service.
The Progent Advantage
Progent's team of more than 100 consulting professionals includes certified experts in every aspect of information technology related to small and mid-size businesses. With this breadth of expertise, Progent can be your one-stop source for integrating a comprehensive security solution that delivers immediate business value. In addition to the endpoint protection provided by ProSight Active Security Monitoring, Progent offers other managed services and specially-priced service packages designed to help small and mid-size businesses to deploy, validate, and manage networks that feature enterprise-class information assurance and low total cost of ownership (TCO).
Besides the ProSight suite of ongoing network management services, Progent offers specially priced one-time service bundles to help organizations of any size to achieve and demonstrate compliance with regulatory and industry security standards. These value-priced services include security vulnerability assessment and stealth penetration testing. Progent also offers expert disaster recovery planning consulting and business continuity planning consulting to help ensure you can return to operations quickly in case of a catastrophic failure due to a natural disaster, fire, cyber attack, human error, equipment breakdown, or any other foreseeable disruptive event.
Progent has expertise in all the endpoints, servers and virtual machines that can be protected by ProSight Active Security Monitoring and offers services that include Windows 11 planning and migration consulting, Windows 10 integration, Linux support, Mac OS X and macOS consulting, iPhone and iPad configuration, Android integration, Windows Server 2022 integration expertise, Windows Server 2019 migration consulting, Hyper-V virtualization support, and VMware vSphere consulting. For single-click or manual rollback capability, Progent's Windows Server consultants can help you set up Windows Volume Shadow Copy Service (VSS). Progent can also provide online and onsite access to certified Cisco CCIE consultants to help you plan, protect or troubleshoot your network infrastructure. If your network incorporates cloud resources, Progent offers the guidance of Microsoft Azure consultants, Amazon AWS experts, and Google Cloud integration consultants.
Contact Progent about ProSight Active Security Monitoring Services
To find out more about how Progent can help you set up an affordable, fully managed endpoint security solution with ProSight Active Security Monitoring, call 1-800-993-9400 or visit Contact Progent.
Ransomware 24x7 Hot Line: Call 800-462-8800
Progent's Ransomware 24x7 Hot Line is intended to help you to carry out the urgent first phase in responding to a ransomware attack by stopping the bleeding. Progent's online ransomware expert can assist you to locate and isolate infected servers and endpoints and guard undamaged assets from being compromised. If your system has been breached by any version of ransomware, act fast. Get help quickly by calling Progent's Ransomware Hot Line at 800-462-8800. For more information, visit Progent's Ransomware 24x7 Hot Line.