Endgame Expands Flexible Architecture with Cloud, On-Premises and Hybrid Options
Provides lowest operational cost while meeting complex compliance requirements
Arlington, VA - October 31, 2018 - Endgame, the leader in unified endpoint protection against targeted attacks, today unveiled new capabilities and features of the Endgame platform specifically designed to address the major challenges of enterprise security teams.
The Endgame architecture implements a single host agent for prevention, detection and response, managed by a Security Operations tier, and backed by cloud-driven Global Services. It is scalable to stop attacks before damage or loss and can be operated by security analysts of any skill level.
New features Include:
- Multi-tier data model supporting cloud and on-premises options to accommodate the global compliance requirements of complex organizations while preserving a complete timeline of all events, wherever endpoints are deployed.
- Total Attack Lookback™ provides 120 days of non-repudiable forensic information about an incident and exceeds average adversary dwell time at zero additional cost.
- Unique workflow automation and autonomous agent operations are extended by this architecture across global deployments.
The Endgame Operations tier combines agent management, investigation, reporting, and business intelligence into a single, integrated interface designed to streamline security operations workflows for incident response and hunt operations. This architecture helps customers meet complex compliance requirements and centralizes administration for even the most complex network topologies.
Endgame Global Services
Endgame can be deployed on-premises or as a SaaS cloud platform using Endgame Global Services, eliminating management and maintenance of the underlying infrastructure and reducing operational costs and deployment overhead.
The Endgame on-premises management option is tailored to organizations with complex data privacy requirements, localized bandwidth constraints, segmented network architectures or those distributed across geographic regions.
Intelligent Automation - Artemis, Resolver, EQL
This new architecture increases the scope, power and performance of Endgame’s groundbreaking automation technologies, Artemis, Resolver and EQL, eliminating the biggest barriers to immediate productivity by investigators, hunters and IT operations. Using plain English, global attack visualization, and the industry’s first event query language optimized for security investigation, users of all experience levels can interact intuitively through a graphical, interactive UI to observe every attacker process, event, and file or registry modification across the entire incident.
Introducing Total Attack Lookback™
Endgame Total Attack Lookback™ provides a complete record of relevant operating system events to determine the origin and extent of a compromise and can serve as a guide to drive compliance and notification requirements.
Using the kernel interface data collection, the Endgame agent captures host event data and contextual information about every process and all activity on the endpoint, giving organizations full control over what is kept locally and what is synchronized to Endgame Global Services. This cloud-driven data store ensures that even roaming or disconnected endpoint events are available for complete incident investigation, and makes it possible to provide a single interface for all security operations workflows no matter if the data is stored on the endpoint, on local private secure storage, or in the cloud.
Endgame's converged endpoint security platform is transforming security programs - their people, processes and technology - with the most powerful endpoint protection and simplest user experience, ensuring analysts of any skill level can stop targeted attacks before information theft. Endgame unifies prevention, detection, and threat hunting to stop known and unknown attacker behaviors at scale with a single agent. For more information, visit www.endgame.com and follow us on Twitter @EndgameInc.