SentinelOne Unveils ActiveEDR to Autonomously Detect and Remediate Advanced Attacks
September 2019 by SentinelOne
SentinelOne announces the next step in endpoint security evolution — ActiveEDR — which is delivered via SentinelOne’s single agent, single codebase, single console architecture. Going beyond traditional antivirus and EDR solutions, ActiveEDR, powered by SentinelOne’s proprietary TrueContext technology, allows security teams to quickly understand the story and root cause behind threat actors and autonomously respond, without any reliance on cloud resources. With ActiveEDR, everyone from advanced SOC analysts to novice security teams can automatically remediate threats and defend against advanced attacks. This technology empowers security teams to focus on the alerts that matter and leverage technology to assist in what before was limited to human mandated tasks.
Security teams are challenged with monitoring and protecting every edge of their network, from the endpoint to the cloud. While most EDR solutions passively allow operators to find what’s malicious, many don’t provide the context to understand what was found, or better yet, locate the source and autonomously block attacks. SentinelOne’s TrueContext takes into account advanced context evasion techniques that normally bypass or confuse passive EDR solutions, providing security teams with situational awareness and actionable context faster than any other solution on the market. The technology allows analysts and responders to fully and automatically remediate threats leveraging SentinelOne’s automated response capabilities.
ActiveEDR reduces the cost and time required to bring value to the complicated and overwhelming amount of data provided by passive EDR tools. The autonomous AI-powered agent functions like a SOC analyst on each and every endpoint, transforming massive amounts of data into TrueContext stories and raising high-quality, prioritized alerts when threat behavior is observed. At machine speed, ActiveEDR, leveraging TrueContext, is able to prevent, detect, and respond to advanced attacks regardless of delivery vectors, whether the endpoint is connected to the cloud or not.
“Operationalizing EDR technologies has historically been challenging,” said Alex Burinskiy, Lead Security Engineer, Cengage, an education and technology company. “ActiveEDR provides our entire security team — regardless of skill level — with the context to not only understand what was found, but autonomously block attacks faster than any other solution on the market.”