Cybersecurity and Compliance

Progent's ProSight Active Security Monitoring services incorporate behavior-based detection technology from SentinelOne to provide endpoint and server protection from modern malware attacks such as ransomware, which have demonstrated the ability to evade legacy, signature-based anti-virus defenses. ProSight ASM gives small and mid-sized organizations access to the same threat protection platform used by leading enterprises including Walmart, Netflix, Visa, Citi, NASDAQ, Salesforce and others. By delivering real-time threat prevention, detection, removal and recovery in one unified package, ProSight ASM cuts ownership costs, simplifies management, and speeds up recovery. SentinelOne's next-generation endpoint protection (NGEP) technology used by ProSight ASM was rated by Gartner Group as the most visionary Endpoint Protection Platform in the industry. Progent is a SentinelOne Partner, reseller, and integrator.

Progent's ProSight Active Security Monitoring services utilize a low-overhead agent installed on each protected endpoint and server to build a cohesive security grid that responds to threats at machine speed and allows coordinated and decisive incident response featuring:

• Protection for Windows, Mac OS X and macOS, Linux, iOS and Android endpoints and servers
• Support for Windows Hyper-V, VMware vSphere, and Citrix XenServer virtual environments
• Deep system-level monitoring
• Signature-less machine learning and intelligent automation
• Behavioral analysis and detection of advanced attacks across all vectors
• Full remediation with auto-removal of detected attacks
• Single-click rollback from ransomware and other attacks
• Automatic, network-wide immunization
• Real-time visualization of the attack storyline for comprehensive forensics
• Unified control via a single management console
• HIPAA and PCI certification

Progent offers ProSight Active Security Monitoring as a low-cost, flat-rate monthly service. A software-only EPP solution, ProSight ASM requires no special hardware or other costly upfront investment. ProSight ASM can provide protection for both on-premises and cloud-based resources. In the event that you suffer an attack, Progent is qualified to act as your red team to help you use ProSight ASM to contain and remove the threat, assess the damage, rollback your network to a healthy state, and understand the source and spread of the malware.

ProSight Active Security Monitoring and the Modern Threat Landscape
97% of data breaches could have been prevented by current security technology, but some successful attacks are inevitable. Sometimes the crooks win. ProSight Active Security Monitoring is designed around the premise that even with the best security technology, you may eventually suffer a breach. For this reason ProSight ASM not only provides malware blocking based on traditional static, signature-based prevention, but also dynamic detection of malware and exploits that have penetrated your network, fast isolation of infected devices, automatic removal of threats, near real-time immunization of all endpoints, single-click recovery (such as a rollback to a pre-ransomware state), and rich forensics to help you understand and eliminate your vulnerability.

By offering best-of-breed technology for before, during and after an attack, ProSight ASM delivers an end-to-end solution for addressing the realities of the modern security landscape and minimizing or eliminating financial, productivity and reputation loss in case of a breach.

Endpoints are the most vulnerable and most frequently targeted component of an information network. ProSight Active Security Monitoring services offer a single, integrated platform to manage the entire threat lifecycle including protection, detection, response and remediation. Threats addressed by ProSight ASM include:

• File-based malware such as ransomware, trojans, worms, backdoors and payload-based attacks
• File-less and memory-only malware with no disk-based indicators
• Document-based exploits embedded in Office and Adobe files, and macros
• Phishing and spear phishing emails (which account for over 90+ of successful data breaches)
• Browser-based attacks rooted in drive-by downloads, Flash, Java, Javascript, VBS, IFraME.htmL5, and plug-ins
• Live attacks based on scripts like PowerShell, Powersploit, WMI, and VBS
• Credential-based attacks including credential-scraping, Mimikatz, and tokens

Prevention: Before the Attack
With nation-state intelligence agencies joining the ranks of professional and amateur hackers, new malware is being developed far faster than the ability of anti-virus providers to write new signatures. The limitations of signature-matching endpoint protection has been recognized since around 2012 and its inadequacy is now an accepted tenet of IT security.

ProSight ASM utilizes low-overhead cloud intelligence and reputation services from multiple vendors to filter known malware. Deep file inspection plus dynamic blacklisting and whitelisting help make ProSight ASM a significant improvement over legacy anti-virus platforms, but prevention is only the first line of defense. Advanced exploits, file-less malware and script-based attacks can sneak past signature-matching barriers. For example, so-called "packers" compress code to disguise malware data so it can't be read by security researchers or malware blocking programs.

Detection and Response: During the Attack
The second phase of endpoint protection involves dealing with malware while it is executing. ProSight ASM uses next-generation endpoint protection (NGEP) technology to detect malicious behavior from any malware that gets through the automated blacklisting process. Even in the case of advanced file-less malware such as application and memory-based attacks, the malicious code must perform certain recognizable activities (e.g., creating an executable file without permission) if it is to compromise data. ProSight ASM's lightweight agent watches all activity in each protected endpoint and uses state-of-the-art behavioral threat analysis and full execution context to identify new attacks at inception. When an attack is discovered, ProSight ASM immediately disconnects the affected device from the network to contain the threat. Because the ProSight ASM agent is autonomous, devices stay protected even when they are not connected to the Internet.

Remediation: After the Attack
Once an attack is contained, ProSight ASM begins policy-based mitigation. When you use ProSight ASM in conjunction with Windows Volume Shadow Copy Service, modifications to data made by the malware attack can be rolled back automatically with a single click. ProSight ASM also logs whatever system-level files and settings were changed by the attack and what were remediated. Whenever ProSight ASM detects a new malicious binary, the threat is flagged and all protected agents on the network are immediately immunized against the attack. In addition, the ProSight ASM management console provides in-depth forensics, which include a clear visualization of the attack's progress through the network from inception to termination. This real-time audit trail of what happened during the attack exposes weaknesses that need to be addressed in your security strategy and answers questions like: How did the attack enter our network? Which employee or guest opened the malware file? What did the malware change on our network?

Download the ProSight Active Security Monitoring Datasheet
To download a PDF datasheet describing the key features of ProSight Active Security Monitoring, click:
Progent's ProSight Active Security Monitoring Services Datasheet. (PDF - 89 KB)

Other ProSight Managed Services Available from Progent
In addition to ProSight Active Security Monitoring, Progent's ProSight suite of network management services includes other budget-friendly, flat-rate managed services that address key aspects of your IT network including backup and disaster recovery, network infrastructure monitoring and management, and email content filtering. By partnering with some of the industry's most innovative technology vendors, Progent can offer small and mid-size organizations the benefits of the same advanced technology used by the world's largest enterprises. Managed services offered by Progent include:

• ProSight Enhanced Security Protection (ESP): Physical and Virtual Endpoint Protection and Exchange Email Filtering
  ProSight Enhanced Security Protection services deliver affordable multi-layer security for physical and virtual servers, workstations, smartphones, and Exchange Server. ProSight ESP uses contextual security and advanced machine learning for round-the-clock monitoring and responding to security assaults from all vectors. ProSight ESP provides two-way firewall protection, penetration alarms, device management, and web filtering through cutting-edge technologies incorporated within one agent managed from a single console. Progent's security and virtualization consultants can assist your business to design and implement a ProSight ESP deployment that addresses your company's unique requirements and that allows you achieve and demonstrate compliance with government and industry information protection standards. Progent will help you define and implement policies that ProSight ESP will enforce, and Progent will monitor your IT environment and react to alerts that call for urgent action. Progent can also help your company to install and test a backup and disaster recovery system such as ProSight Data Protection Services (DPS) so you can get back in business rapidly from a potentially disastrous security attack like ransomware. Read more about Progent's ProSight Enhanced Security Protection unified endpoint security and Microsoft Exchange filtering.

• ProSight Data Protection Services: Managed Backup and Disaster Recovery Services
  Progent has worked with advanced backup technology companies to create ProSight Data Protection Services, a selection of management outsourcing plans that deliver backup-as-a-service (BaaS). ProSight DPS services automate and monitor your backup processes and enable transparent backup and fast restoration of critical files/folders, applications, system images, plus VMs. ProSight DPS helps your business recover from data loss caused by hardware breakdown, natural calamities, fire, malware such as ransomware, user mistakes, malicious employees, or application bugs. Managed services in the ProSight DPS product family include ProSight DPS Altaro VM Backup, ProSight 365 Total Backup (formerly Altaro 365 Backup), ProSight DPS ECHO Backup using Barracuda dedicated hardware, and ProSight MSP360 Hybrid Backup. Your Progent consultant can help you to determine which of these managed backup services are most appropriate for your IT environment.

• ProSight Email Guard: Inbound and Outbound Spam Filtering and Data Leakage Protection
  ProSight Email Guard is Progent's spam and virus filtering service that uses the infrastructure of leading data security vendors to provide web-based management and comprehensive protection for all your email traffic. The powerful structure of Progent's Email Guard managed service combines a Cloud Protection Layer with an on-premises gateway appliance to provide advanced protection against spam, viruses, Dos Attacks, Directory Harvest Attacks, and other email-borne threats. The Cloud Protection Layer serves as a preliminary barricade and keeps the vast majority of threats from reaching your network firewall. This reduces your exposure to external threats and conserves network bandwidth and storage space. Email Guard's onsite security gateway appliance adds a deeper level of inspection for incoming email. For outbound email, the local security gateway provides anti-virus and anti-spam protection, protection against data leaks, and email encryption. The local security gateway can also assist Exchange Server to track and safeguard internal email that stays inside your corporate firewall. For more information, visit Email Guard spam filtering and data leakage protection.

• ProSight WAN Watch: Network Infrastructure Remote Monitoring and Management
  Progent's ProSight WAN Watch is an infrastructure management service that makes it simple and affordable for small and mid-sized organizations to map, track, reconfigure and troubleshoot their networking appliances such as routers and switches, firewalls, and load balancers as well as servers, printers, endpoints and other networked devices. Using cutting-edge Remote Monitoring and Management technology, WAN Watch ensures that network diagrams are kept updated, captures and displays the configuration information of virtually all devices connected to your network, tracks performance, and generates notices when issues are detected. By automating complex management activities, WAN Watch can knock hours off common tasks like making network diagrams, expanding your network, finding devices that need important software patches, or isolating performance problems. Find out more details about ProSight WAN Watch network infrastructure monitoring and management consulting.

• ProSight LAN Watch: Server and Desktop Monitoring and Management
  ProSight LAN Watch is Progent's server and desktop remote monitoring managed service that uses state-of-the-art remote monitoring and management (RMM) techniques to help keep your IT system running at peak levels by tracking the state of critical computers that drive your business network. When ProSight LAN Watch detects a problem, an alert is transmitted automatically to your specified IT management personnel and your assigned Progent engineering consultant so that any looming problems can be resolved before they have a chance to impact your network. Find out more details about ProSight LAN Watch server and desktop monitoring services.

• ProSight Virtual Hosting: Hosted VMs at Progent's Tier III Data Center
  With ProSight Virtual Hosting service, a small organization can have its critical servers and apps hosted in a secure Tier III data center on a fast virtual host set up and managed by Progent's network support experts. Under the ProSight Virtual Hosting service model, the client retains ownership of the data, the OS software, and the applications. Because the environment is virtualized, it can be moved easily to a different hosting environment without requiring a lengthy and difficult reinstallation process. With ProSight Virtual Hosting, your business is not locked into one hosting provider. Learn more details about ProSight Virtual Hosting services.

• ProSight IT Asset Management: Network Documentation Management
  ProSight IT Asset Management service is a cloud-based IT documentation management service that makes it easy to capture, update, retrieve and protect data related to your IT infrastructure, procedures, business apps, and services. You can quickly find passwords or serial numbers and be alerted about upcoming expirations of SSLs or warranties. By updating and managing your IT documentation, you can save up to half of time spent looking for vital information about your IT network. ProSight IT Asset Management includes a common repository for storing and sharing all documents required for managing your business network such as recommended procedures and How-To's. ProSight IT Asset Management also supports advanced automation for gathering and relating IT information. Whether you're planning improvements, doing regular maintenance, or reacting to a crisis, ProSight IT Asset Management delivers the knowledge you require the instant you need it. Find out more about Progent's ProSight IT Asset Management service.

• Active Defense Against Ransomware: Machine Learning-based Ransomware Detection and Remediation
  Progent's Active Protection Against Ransomware is an endpoint protection (EPP) solution that utilizes next generation behavior analysis technology to guard endpoints and physical and virtual servers against new malware assaults like ransomware and file-less exploits, which routinely evade traditional signature-based anti-virus products. Progent ASM services protect on-premises and cloud resources and provides a unified platform to automate the entire threat progression including protection, identification, containment, remediation, and post-attack forensics. Key capabilities include single-click rollback using Windows Volume Shadow Copy Service (VSS) and automatic system-wide immunization against new threats. Learn more about Progent's ransomware defense and cleanup services.

• Outsourced/Co-managed Call Desk: Help Desk Managed Services
  Progent's Call Desk managed services enable your IT staff to outsource Call Center services to Progent or split activity for Help Desk services transparently between your internal support resources and Progent's nationwide roster of certified IT service engineers and subject matter experts (SMEs). Progent's Co-managed Help Desk Service offers a smooth supplement to your internal support team. End user access to the Service Desk, provision of support services, escalation, trouble ticket creation and tracking, efficiency metrics, and management of the service database are consistent whether incidents are resolved by your corporate support resources, by Progent's team, or a mix of the two. Read more about Progent's outsourced/co-managed Help Center services.

• Patch Management: Patch Management Services
  Progent's support services for patch management offer businesses of all sizes a flexible and cost-effective solution for evaluating, testing, scheduling, implementing, and documenting software and firmware updates to your dynamic IT network. Besides optimizing the security and reliability of your computer network, Progent's software/firmware update management services free up time for your IT team to concentrate on line-of-business initiatives and tasks that deliver maximum business value from your network. Find out more about Progent's patch management support services.

• ProSight Duo Two-Factor Authentication: Access Security, Endpoint Policy Enforcement, and Protected Single Sign-on
  Progent's Duo authentication managed services utilize Cisco's Duo cloud technology to protect against compromised passwords by using two-factor authentication (2FA). Duo supports one-tap identity verification on Apple iOS, Android, and other personal devices. Using Duo 2FA, when you sign into a protected online account and give your password you are asked to confirm your identity on a device that only you possess and that is accessed using a different ("out-of-band") network channel. A wide selection of out-of-band devices can be used for this added means of authentication such as a smartphone or watch, a hardware token, a landline phone, etc. You can designate multiple validation devices. For more information about ProSight Duo two-factor identity validation services, see Cisco Duo MFA two-factor authentication (2FA) services.

ProSight Network Audits
Progent's ProSight Network Audits are a fast and affordable alternative for small and medium-size businesses to get an objective evaluation of the overall health of their IT system. Based on some of the top remote monitoring and management platforms in the industry, and overseen by Progent's certified team of information technology professionals, ProSight Network Audits show you how well the configuration of your core network assets adhere to leading practices. The Basic and Advanced options for ProSight Network Audit services are offered at a low, one-time cost and provide instant ROI such as a cleaner Active Directory (AD) system. Both versions also come with one year of state-of-the-art remote network monitoring and management. Advantages can include simpler management, improved compliance with data security requirements, higher utilization of IT assets, faster problem resolution, more reliable backup and recovery, and higher availability. Read more information about ProSight Network Audits network infrastructure assessment.

Progent's ProSight Ransomware Preparedness Report Service
The ProSight Ransomware Preparedness Report service is an affordable service centered on a brief discussion with a Progent information assurance expert. The fact-finding interview is designed to help evaluate your company's ability either to block ransomware or recover rapidly following an assault by a ransomware strain such as Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Conti or Nephilim. Progent will consult with you directly to collect information concerning your existing cybersecurity posture and backup/recovery system, and Progent will then deliver a custom Basic Security and Best Practices Report detailing how you can apply best practices to build a cost-effective security and backup/recovery system that minimizes your vulnerability to ransomware and meets your company's needs. For more information, see Progent's ProSight Ransomware Preparedness Report Service.

The Progent Advantage
Progent's team of more than 100 consulting professionals includes certified experts in every aspect of information technology related to small and mid-size businesses. With this breadth of expertise, Progent can be your one-stop source for integrating a comprehensive security solution that delivers immediate business value. In addition to the endpoint protection provided by ProSight Active Security Monitoring, Progent offers other managed services and specially-priced service packages designed to help small and mid-size businesses to deploy, validate, and manage networks that feature enterprise-class information assurance and low total cost of ownership (TCO).

Besides the ProSight suite of ongoing network management services, Progent offers specially priced one-time service bundles to help organizations of any size to achieve and demonstrate compliance with regulatory and industry security standards. These value-priced services include security vulnerability assessment and stealth penetration testing. Progent also offers expert disaster recovery planning consulting and business continuity planning consulting to help ensure you can return to operations quickly in case of a catastrophic failure due to a natural disaster, fire, cyber attack, human error, equipment breakdown, or any other foreseeable disruptive event.

Progent has expertise in all the endpoints, servers and virtual machines that can be protected by ProSight Active Security Monitoring and offers services that include Windows 11 planning and migration consulting, Windows 10 integration, Linux support, Mac OS X and macOS consulting, iPhone and iPad configuration, Android integration, Windows Server 2022 integration expertise, Windows Server 2019 migration consulting, Hyper-V virtualization support, and VMware vSphere consulting. For single-click or manual rollback capability, Progent's Windows Server consultants can help you set up Windows Volume Shadow Copy Service (VSS). Progent can also provide online and onsite access to certified Cisco CCIE consultants to help you plan, protect or troubleshoot your network infrastructure. If your network incorporates cloud resources, Progent offers the guidance of Microsoft Azure consultants, Amazon AWS experts, and Google Cloud integration consultants.

Contact Progent about ProSight Active Security Monitoring Services
To find out more about how Progent can help you set up an affordable, fully managed endpoint security solution with ProSight Active Security Monitoring, call 1-800-993-9400 or visit Contact Progent.