Endgame New Release: Outpace the Attacker with Precise Attack Visualization & NLU Guidance

Today, we released version 2.5 of the Endgame platform. This new release extends the scope, speed, and simplicity of our platform with new prevention, detection and response, and automated threat hunting capabilities. Our newest features, Endgame Resolver™ with Endgame Artemis® enhancements, provide analysts with the simplest visual experience and turn-by-turn guidance to contain and remediate threats before data theft or disruption.

This new release contains the following features:

  • Endgame Resolver™ instantly identifies the origin and the extent of the compromise. This visualization answers the questions "how did this get here?" and "what did this do?" Endgame's enriched endpoint data and single-click pivots on any point in the attack visualization allow for instantaneous response.

  • Tradecraft Protections have been updated with a new architecture that allows for sophisticated preventions based upon enriched endpoint events. Our unique autonomous endpoint architecture allows our preventions to operate even if the endpoint is offline, expanding our coverage of the MITRE ATT&CK™ matrix.

  • Endgame Artemis® has a significantly improved NLU model, expanding its capabilities by embedding guided response suggestions and whisper text. Artemis coverage now includes the Linux operating system.

  • Endgame Arbiter™, a cloud-based attack analysis engine, provides detailed insight into any malicious file to reveal artifacts of never-before-seen attacks.

  • Unprecedented visibility with enriched endpoint data, adding registry and file changes to existing process event, network connection, DNS request, and netflow data. Event capture coverage is extended to Linux operating systems.

  • Enhanced Threat Hunting automatically conducts patent-pending live memory forensics at the time of an alert, pinpointing attackers hiding in memory to stop resident attackers in seconds.

  • Alert Response Improvements provide key investigator data with every alert, including token privileges, process memory capture, and process strings, automating forensic analysis of volatile data.

  • Ongoing Protection Improvements provide increased effectiveness, minimizing false positives in Endgame MalwareScore® and dynamic ransomware prevention. Endgame also enhanced its patented exploit prevention, HA-CFI, to support Intel's newest chipset, Kaby Lake.

 

Endgame's Newest Features Continue to Augment Analysts & Provide Greater Protections

This new release empowers analysts of any skill level to defend against targeted attacks in seconds by delivering precise attack mapping and recommended response actions in plain English. Endgame's endpoint protection platform already provides more coverage of attacker techniques and technologies than any other single solution. Our commitment to transparency and public testing makes this easy to see. We are also the first solution to be validated beyond file-based malware with a public simulation of a targeted attack by the MITRE Corp. Our customers spend less time triaging alerts and more time on innovation and growth.

For a detailed demo, reach out to demo@endgame.com