Endgame Leaves Attackers Nowhere to Hide: Expands Detection Features for In-Memory Attacks and Malicious Persistence
Platform Anticipates Latest Attacker Innovations to Offer the Earliest Endpoint Detection and Response Solution in the Market
ARLINGTON, VA - Oct. 20, 2016 - Endgame, the leading endpoint security platform closing the protection gap against advanced attackers, today released a major update which expands coverage of the attacker lifecycle to anticipate adversary innovations. Today's release enhances In-Memory Attack Detection and Malicious Persistence Detection capabilities, building on Endgame's best-in-class pre-exploit prevention, signature-less malware detection, early-stage attacker technique detection, and automated investigations.
"Advanced adversaries are waging war on the endpoint, and security professionals realize that existing defensive technologies are not enough to prevent these sophisticated attacks," said Jian Zhen, SVP of Product at Endgame. "Endgame provides the earliest prevention, detection and response to disrupt the attack lifecycle without the need for signatures. Our latest platform innovations will uncover the most sophisticated techniques that incumbent tools fail to detect."
In-Memory Attack Detection
Fileless attacks have become pervasive as attackers increasingly attempt to hide their presence from security tools by running only in memory, increasing the likelihood of data theft and damage. With existing EDR tools, memory analysis is currently a slow, resource-intensive process that is only applicable as a post-compromise forensic exercise.
Endgame is the only EDR platform that detects all known and unknown techniques used by adversaries to hide in memory. Endgame's patent-pending technology detects in-memory-only adversaries at scale in seconds by identifying attack artifacts and automating threat remediation.
Malicious Persistence Detection
Recent attacks with wide-ranging geo-political and financial motivations make it clear that organizations are at risk from increasingly sophisticated adversaries that bypass prevention systems and aren't visible to traditional detection tools. Analyzing persistence locations across a network is an effective way to detect these often unique and advanced intrusions.
Endgame's platform analyses persistence locations and applies enrichments and advanced analytics that detect malicious persistence. Other tools provide incomplete collection of persistent files and are incapable of identifying malicious persistence techniques including COM hijacking and never-before-seen malware. What used to be an error-prone process - taking security analysts hours or days - is transformed into high-confidence detection of malicious activity in minutes with Endgame.
"We are excited to incorporate Endgame's new signature-less and in-memory detection capabilities into our hunting methodology," said David McGuire, Vice President at Veris Group's Adaptive Threat Division. "Advanced adversaries often attempt to avoid common detection mechanisms. Providing hunt teams with toolsets capable of detecting those threat actors will be a massive step forward."
This announcement builds on best-in-class advancements in our July release, Endgame 2.0, that include HA-CFI™ and MalwareScore™ signature-less malware detection. Endgame is the first and only endpoint security platform that combines prevention, detection and response in a single centrally managed dissolvable sensor to prevent attacks and eliminate new and already resident adversaries in time to stop damage and loss.
To learn more about today's release, see a demo of our platform.
Endgame is a leading endpoint security platform that enables enterprises to close the protection gap against advanced attacks and detect and eliminate resident adversaries. Endgame transforms security operations teams and incident responders from crime scene investigators into hunters that prevent damage and loss, and dramatically reduce the time and cost associated with incident response and compromise assessment. Our IOC-independent platform covers the entire kill chain, leveraging machine learning and data science to uncover, in real-time, unique attacks that evade traditional defenses and respond precisely without disrupting normal business operations.