DATA SHEET

ZERO BREACH TOLERANCE
PREVENT. STOP. HUNT.

Endgame is the only leading endpoint detection and response (EDR) platform that prevents compromise from advanced attacks, stops ongoing attacks, and automates the hunt for the next generation of attacks with a single, centrally managed, dissolvable agent. Managed from a single console, Endgame’s IOC-independent platform stops advanced threats at the earliest and all stages of the attack lifecycle, before damage and loss occur.

THE ENDGAME VALUE

■ Stops attacks before damage and loss: Earliest prevention, accelerated detection and response, and automated hunt close the protection gap across the entire breadth and depth of the attack lifecycle.
■ Transform SOC teams: Whitebox tradecraft analytics, machine-learning powered chatbot, Artemis, and guided workflows empower SOC analysts of any skillset to instantly discover and remediate malicious activity at enterprise scale.
■ Eliminate cost and impact of IR: Preventing attacks before they start, stopping ongoing attacks before damage and loss, and automating the hunt minimize adversary dwell time, reducing time to detect and time to contain, and eliminate IR costs.

Prevent

Exploitation
■ Predictive Prevention with HA-CFI™ and Dynamic Binary Instrumentation (DBI)
Malware
■ Signature-less malware prevention powered by MalwareScore™
Ransomware
■ Behavioral damage protection
Fileless
■ Patent-pending process injection prevention

Stop

Escalation
■ Permission theft (User)
■ Credential manipulation (Kernel)
Evasion
■ Fileless attack detection
■ Persistence hijacks
Credential Access
■ Credential dumping
Persistence
■ MalwareScore™
Malwareless
■ Legitimate software misuse protection
Propagation
■ Lateral movement detection

Hunt

Whitebox Analytics
■ Hundreds of tradecraft analytics to streamline adversary detection
Continuous Monitoring
■ Event capture for complete visibility and analytics at scale
■ IOC search at scale with zero gaps in coverage
Artemis
■ Machine learning powered chatbot
■ Directed alert triage, guided workflows, and distributed analytics
Integration
■ Robust 2-way API
■ CEF alert export for SIEMs

ENDGAME ADVANTAGES

Earliest prevention blocks exploits, malware, ransomware and fileless attacks

■ Predictive prevention stops zero-day exploits and malicious macros in real time, before malicious code execution, by combining patent-pending Hardware Assisted Control Flow Integrity (HA-CFI) with Dynamic Binary Instrumentation (DBI).
■ Endgame MalwareScore™, powered by machine learning, prevents execution of 99+% of known and unknown malware without signatures.
■ Behavior-based prevention stops damage and destruction caused by ransomware.
■ Technique-focused prevention operates in the kernel to stop fileless attacks.

Accelerated detection and response outpaces adversaries across the attack lifecycle

■ Kernel-level in-memory protection at scale stops fileless attacks by detecting techniques like process injection, memory modification, and hidden modules in seconds.
■ Technique-focused protection stops attacks such as malicious persistence, credential dumping, malwareless attacks (legitimate tools like PowerShell used for malicious purposes), and privilege escalation by leveraging Endgame's knowledge of adversary tradecraft.
■ Single-click response actions like thread-level suspension enable SOC teams to evict adversaries without business disruption.

Automated Hunt empowers tier 1 analysts to detect and remediate at enterprise scale

■ Continuous monitoring, capture, and analysis of all endpoint events provide complete visibility of the origin and full extent of the attack, with zero gaps in coverage.
■ Endgame’s machine learning powered chatbot, Artemis, empowers analysts to prioritize, triage, and remediate alerts before damage and loss occur, without relying on complex queries and known IOCs.
■ Hundreds of whitebox tradecraft analytics streamline detection and response workflows to surface suspicious artifacts across millions of records in minutes.

TECHNICAL FEATURES

1. Single dissolvable or persistent agent and single centralized management console
2. SE Labs certified malware prevention engine, MalwareScore™
3. VirusTotal integrates MalwareScore™ engine
4. Unlimited scale with multi-server management console
5. Zero disruption with minimal endpoint impact
6. Two-way API support for integration with existing workflows, orchestration, and reporting
7. Protects Windows and Linux operating systems
8. Use Cases: Prevention, Continuous Monitoring, Detection and Response, and Threat Hunting

WWW.ENDGAME.COM
3101 WILSON BLVD, ARLINGTON, VA 22201