Servers that support business-critical applications frequently face a tradeoff between security and performance. Many enterprises tend not to replace their antiquated antivirus solution, which consumes large amounts of CPU cycles as it runs file scans and signature updates. Others resist deploying any kind of dedicated server security solution for fear of not meeting critical SLAs due to performance degradation. On the other hand, SentinelOne’s offering requires no signature updates or file scans, thereby consuming less CPU power. The tool employs a uniquely architected agent, which performs out-of-band monitoring of system activity without creating any noticeable performance degradation. Additionally, the platform protects against both known and unknown threats, unlike antivirus software, which is effective only against known file-based malware. SentinelOne’s solution enables enterprises to protect themselves against advanced malware, exploits and insider attacks while preserving valuable server performance.
SentinelOne’s underlying endpoint protection technology is behavior-based. The SentinelOne agent monitors all activity in both kernel and user space: processes, memory, registry, and network. Each agent leverages SentinelOne's Dynamic Behavior Tracking (DBT) Engine, which utilizes sophisticated machine learning to detect threats against a full context of normal application and system behavior.
Our platform protects both user endpoints and critical servers across major attack vectors
In addition, the platform allows users to investigate threats with detailed forensics reports and attack visualizations based on data sent from the agent to the SentinelOne management console in real time. This gives clients a 360-degree view of an attack, mapping its point of origin and progression across endpoints and other systems for complete forensic insight.
SentinelOne’s Endpoint Protection Platform is effective in protecting endpoint systems and critical servers across different types of organizations. In order to better serve specific verticals, the company has certifications for regulatory compliance and was recently certified for the Health Insurance Portability and Accountability Act (HIPAA) and the Payment Card Industry Data Security Standard (PCI DSS). “Beyond compliance, the SentinelOne EPP offers enterprises intelligent threat response capabilities. Admins can create custom mitigation policies as required by the different categories of endpoint and server devices under their management,” explains Roth.
In one instance, the firm helped a global cosmetics manufacturer deploy SentinelOne EPP across 3,000 user endpoints, replacing McAfee antivirus. The client was bogged down with desktop support work, reimaging 8 to 10 laptops per week that were being attacked by ransomware. With SentinelOne’s ability to detect and remediate ransomware attacks, the instances of ransomware infections plummeted to almost zero, saving the company over 70 man-hours of internal user support work.
Having announced an industry-first Ransomware Cyber Guarantee just prior to the annual Black Hat event in Las Vegas, the company has exciting plans for the future. “We will continue to enhance our behavior-based threat detection and broaden our enterprise features, along with the number of different endpoint and server platforms we protect,” concludes Roth.