zero breach tolerance

DATA SHEET
ZERO BREACH TOLERANCE
PREVENT. STOP. HUNT.
Endgame is the only leading endpoint detection and response (EDR) platform that prevents compromise from advanced attacks, stops ongoing attacks, and automates the hunt for the next generation of attacks with a single, centrally managed, dissolvable agent. Managed from a single console, Endgame’s IOC-independent platform stops advanced threats at the earliest and all stages of the attack lifecycle, before damage and loss occur.
THE ENDGAME VALUE
■ Stops attacks before damage and loss: Earliest prevention, accelerated detection and response, and automated hunt close the protection gap across the entire breadth and depth of the attack lifecycle.
■ Transform SOC teams: Whitebox tradecraft analytics, machine-learning powered chatbot, Artemis, and guided workflows empower SOC analysts of any skillset to instantly discover and remediate malicious activity at enterprise scale.
■ Eliminate cost and impact of IR: Preventing attacks before they start, stopping ongoing attacks before damage and loss, and automating the hunt minimize adversary dwell time, reducing time to detect and time to contain, and eliminate IR costs.

Prevent
Exploitation
■ Predictive Prevention with HA-CFI™ and Dynamic Binary Instrumentation (DBI)
Malware
■ Signature-less malware prevention powered by MalwareScore™
Ransomware
■ Behavioral damage protection
Fileless
■ Patent-pending process injection prevention

Stop
Escalation
■ Permission theft (User)
■ Credential manipulation (Kernel)
Evasion
■ Fileless attack detection
■ Persistence hijacks
Credential Access
■ Credential dumping
Persistence
■ MalwareScore™
Malwareless
■ Legitimate software misuse protection
Propagation
■ Lateral movement detection

Hunt
Whitebox Analytics
■ Hundreds of tradecraft analytics to streamline adversary detection
Continuous Monitoring
■ Event capture for complete visibility and analytics at scale
■ IOC search at scale with zero gaps in coverage
Artemis
■ Machine learning powered chatbot
■ Directed alert triage, guided workflows, and distributed analytics
Integration
■ Robust 2-way API
■ CEF alert export for SIEMs

WWW.ENDGAME.COM
3101 WILSON BLVD, ARLINGTON, VA 22201
TECHNICAL FEATURES
1. Single dissolvable or persistent agent and single centralized management console
2. SE Labs certified malware prevention engine, MalwareScore™
3. VirusTotal integrates MalwareScore™ engine
4. Unlimited scale with multi-server management console
5. Zero disruption with minimal endpoint impact
6. Two way API support for integration with existing workflows, orchestration, and reporting
7. Protects Windows and Linux operating systems
8. Use Cases: Prevention, Continuous Monitoring Detection and Response, and Threat Hunting

ENDGAME ADVANTAGES
Earliest prevention blocks exploits, malware, ransomware and fileless attacks
■ Predictive prevention stops zero-day exploits and malicious macros in real-time before malicious code execution by combining patent-pending Hardware Assisted Control Flow Integrity (HA-CFI) with Dynamic Binary Instrumentation (DBI).
■ Endgame MalwareScore™, powered by machine learning, prevents execution of 99+% of known and unknown malware without signatures.
■ Behavior-based prevention stops damage and destruction caused by ransomware.
■ Technique-focused prevention operates in the kernel to stop fileless attacks.
Accelerated detection and response outpaces adversaries across the attack lifecycle
■ Kernel-level in-memory protection at scale stops fileless attacks by detecting techniques like process injection, memory modification, and hidden modules in seconds.
■ Technique-focused protection stops attacks such as malicious persistence, credential dumping, malwareless attacks (legitimate tools like PowerShell used for malicious purposes), and privilege escalation by leveraging Endgame's knowledge of adversary tradecraft.
■ Single-click response actions like thread-level suspension enable SOC teams to evict adversaries without business disruption.
Automated Hunt empowers tier 1 analysts to detect and remediate at enterprise scale
■ Continuous monitoring, capture, and analysis of all endpoint events provide complete visibility of the origin and full extent of the attack with zero gaps in coverage.
■ Endgame’s machine learning powered chatbot, Artemis, empowers analysts to prioritize, triage, and remediate alerts before damage and loss occur, without relying on complex queries and known IOCs.
■ Hundreds of whitebox tradecraft analytics streamline detection and response workflows to surface suspicious artifacts across millions of records in minutes.