SentinelOne Launches First Certified Enterprise Anti-Virus Replacement and Next Generation Endpoint Protection Platform
MOUNTAIN VIEW, Calif.,July 27, 2015 –SentinelOne today announced SentinelOne EPP (EndpointProtection Platform), the first and only AV-TEST certified next generation endpoint security solution that combines prevention, detection, mitigation, remediation and forensic capabilities for Windows, OS X and Android devices. AV-TEST, a leading independent anti-virus research institute, has awarded SentinelOne EPP the Approved Corporate Endpoint Protection certification which validates its effectiveness for detecting both advanced malware and blocking known threats. SentinelOne now enables enterprises to replace their existing corporate AV suites and still meet compliance requirements.
With this launch, SentinelOne gives enterprises the flexibility to augment their existing antivirus solution with the SentinelOne EDR solution, or completely replace it with SentinelOne EPP.
Enterprise Endpoint Security for the Cloud Age
Cloud and mobile computing have transformed endpoint devices into the new enterprise security perimeter. Meanwhile, advancements in evasion techniques have made malware extremely difficult to detect using signature-based approaches, static indicators of compromise or sandbox technologies that emulate endpoint devices. SentinelOne EPP combines the following comprehensive set of capabilities that define next generation endpoint protection, and help protect from known, legacy threats, as well as from highly advanced malware and exploits.
To detect and block known threats before they can execute on endpoints, SentinelOne EPP leverages up to the minute cloud intelligence and select reputation services. This approach uses a lightweight method to index files for passive scanning, instead of performing resource-intensive system scans.
Malware and Exploit Detection
To detect advanced persistent threats and never before seen attacks, SentinelOne EPP dynamically tracks each newly-created process on a machine using dynamic execution inspection technology to monitor behaviors based on low-level instrumentation of OS activities and operations, including memory, disk, registry, network, and more. SentinelOne EPP can also detect malicious code based on its exploit techniques, including heap spraying, stack pivots, ROP attacks and memory permission modifications. These core malware functions cannot be easily changed or modified like the shellcode, dropper and payload components that are sometimes monitored statically by traditional endpoint security tools.
To contain malware, SentinelOne EPP provides real time, automated, policy-based mitigation options that are flexible enough to cover a wide range of use cases, including killing a specific process, disconnecting the infected machine from the network, or even completely shutting it down.
Even if malware is detected and blocked, in early stages of execution it often creates, modifies, or deletes system files, registry settings, as well as makes changes to configuration settings. SentinelOne EPP can restore endpoints to their trusted, pre-malware state — while logging what changed and what was successfully remediated.
To enable security teams to quickly assess the scope of an attack and take appropriate responses, SentinelOne EPP captures a real time audit trail of what happened on every endpoint. It also provides the ability to search for indicators of compromise across endpoints, for clear and timely visibility into malicious activity that has taken place across an organization.
“The sophistication of attack techniques has outstripped the ability of security products that rely on static indicators of compromise to detect advanced and targeted malware,” said Tomer Weingarten, CEO of SentinelOne. “SentinelOne EPP represents the first major transformation in enterprise endpoint protection, which has been dominated by stagnant AV products for more than 20 years. Our ability to protect organizations from advanced, unknown threats as well as any variant of known malware uniquely combines prevention, detection, mitigation, remediation and forensics.”
“Protecting endpoint devices from increasingly sophisticated threats is a critical point of focus, since many of these can now bypass traditional signature-based security approaches. I am really impressed with SentinelOne’s ability to monitor all processes on a device, whether it is on or off the corporate network, and detect malware based on its behavior. I believe this new model is needed to protect against advanced malware that is invisible to outdated anti-virus systems.”
—Ben Carr, Director of Information Security, VISA
“SentinelOne is bringing true innovation to endpoint protection. I am continuously on the lookout for advanced IT security technologies. Their ability to replace aging signature-based anti-virus with dynamic execution inspection that can detect and protect against advanced malware and zero day threats represents a major advancement for endpoint security.”
— Doug Shean, Senior Vice President, Citibank
“The amount of malware is continuing to increase while existing anti-virus software is struggling to provide effective protection. SentinelOne’s new approach is helping solve a widespread problem which the industry has been grappling with for some time. Knowing SentinelOne is certified by third-party AV testing organization AV-TEST gives me the confidence that it represents a viable option to replace anti- virus solutions.”
— Craig Holland, CISO for Fortune 500 Entertainment Company
“The SentinelOne EPP solution delivers much needed innovation to endpoint protection in an industry that has struggled to keep pace with the amount of new malware and variants. My confidence in SentinelOne has deepened given their unique approach doesn’t rely on signatures, and they are certified by the well-respected AV-TEST Institute.”
— Larry Whiteside Jr., Chief Security Officer, Lower Colorado River Authority
Pricing and Availability
SentinelOne EPP is available immediately. Subscription pricing is based per endpoint/year.