Increase Visibility to Reduce Dwell Time
With dwell time still averaging months based on numerous studies, it’s evident that security organizations are not detecting and responding fast enough, despite the proliferation of security technology and alerts. The CounterTack platform combines the early detection of web and email security with in-memory endpoint detection and robust network detection.
Detect, Respond and Mitigate
Email and web continue to be highly valued channels for cybercriminal activity. With early warnings from both channels, the CounterTack platform can block a large number of attacks before they even get started.
The CounterTack platform delivers the three pillars of endpoint security – NextGen AV, Endpoint Detection and Response and Insider Threat Detection. Combined, they deliver full spectrum threat detection to expose new malware, ransomware, and fileless threats that circumvent legacy endpoint solutions.
Robust network detection, combining full packet capture, intrusion detection, log capture and sandboxing, provides detailed visibility into suspicious behavior on the network. Combined with endpoint protection, the platform extends detection across the entire path of a threat.
Featuring the only true in-memory threat detection, the CounterTack platform scans live memory, reverse engineers suspicious code and then predicts malicious intent.
It’s not enough to alert, as alert fatigue continues to grow. Predicting the malicious intent, with a level of certainty, in an easy-to-understand format is the core of the CounterTack platform. The CounterTack platform provides alerts and dashboards that help security organizations prioritize their efforts more effectively.
The CounterTack platform’s automated remediation capabilities contain and terminate known threats before they can execute. This allows security analysts to focus on more advanced attacks requiring their immediate attention.
Cloud-delivered and highly scalable, the CounterTack platform consists of three components:
- Endpoint Sensors
- SAP HANA backend
The sensor is a single, consolidated agent installed on each endpoint. Collectors aggregate, store and forward threat data from sensors to the SAP HANA backend.