[November 30, 2016]
Fidelis Cybersecurity Boosts Detection and Shortens Response and Resolution Times for Security Incidents with Real-Time Attack Visualization and Monitoring for Endpoint Devices
Fidelis
Cybersecurity™, the leading provider of solutions for detecting and
stopping advanced cyberattacks, announces new time-saving features,
enhancements and usability improvements to its Fidelis
Endpoint™ product. Fidelis Endpoint 6.1 shortens the time to
investigate and resolve security incidents and provides real-time
insights into attackers when they infiltrate your endpoints and hide in
your environment.
"The attacks are happening on laptops, servers and other endpoints,"
says Fidelis Cybersecurity Senior Vice President of Products Brian
Karney. "Immediate and long-term visibility is critical when it comes to
limiting the damage attackers can do. With Fidelis Endpoint, security
teams can immediately and retrospectively detect suspicious activity
across endpoints and get one-click access to the related information
they need to understand and act on that alert."
Highlights of the enhancements in Fidelis Endpoint 6.1 include:
- Real-Time Event Monitoring: The introduction of new centralized
event monitoring provides real-time detection and visibility into what
is happening on endpoints across the enterprise. With this release,
Fidelis Endpoint now continuously records and streams key endpoint
activities including file, process, registry, network, URL and DNS
into a centralized event repository. In addition to improved
detection, the historical event data holds valuable clues that let you
trace an alert back to its original source. When you get new
intelligence from Fidelis or your threat intelligence services, you
can apply it to the historical events to detect if you've been
compromised in the past.
- Enhanced Detection Engine: A new detection engine built on top
of the centralized event monitoring system provides real-time threat
detection. Detections are driven by a growing set of behavioral rules
-- also known as indicators of attack and powered by the Fidelis
Threat Research Team -- that can be configured to take automated
actions, such as tagging for later review, isolating the machine, or
acquiring RAM. The new detection engine supports third-party/custom
indicator feeds and has the ability to create custom behavior rules.
- Event Driven User Interface: When an attack occurs, a new
event-driven user interface provides an interactive play-by-play view
that shows how the incident unfolded so security teams can take
appropriate action to resolve the issue. Users can also filter through
data and quickly tag an event, see similar events, or easily create an
alert rule when they discover something malicious to drive future and
retrospective detections.
- Fidelis Network™ Integration: The
introduction of event monitoring enhances the product's integration
with Fidelis Network. Now, when Fidelis Endpoint receives an alert
from Fidelis Network, it automatically queries the event repository to
determine what took place and validate the alert. Results happen
within seconds and an alert rule is dynamically created to watch
across other systems for the endpoint activity that triggered the
Fidelis Network alert.
- Script Support for All Jobs: All jobs are now executed using
the peer-to-peer script engine, which enables users to perform
queries/jobs and receive results in near real-time across hundreds of
thousands of endpoints.
- Enhanced Endpoint Context: Users can now quickly access
additional context about endpoints of interest. This lets users
quickly see who is currently logged into a system, the host name, IP
address, OS, event data associated with a specific endpoint and the
job history for a particular endpoint - all in one location.
"Until this release, users have been forced to choose between vendors
who had optimized their endpoint products for query speed or real-time
threat detection from centralized events, or endpoint forensics," says
Fidelis Cybersecurity Chief Technology Officer Kurt Bertone. "Fidelis
Endpoint 6.1 is the first and only endpoint detection and response
product with an architecture optimized to support all three of these use
cases in a single product."
Fidelis Endpoint 6.1 is generally available today.
Learn More
- Contact Fidelis to schedule a demo
- Watch our Fidelis Endpoint video for an overview
- Read the new Endpoint blog post on Threat Geek
- Visit the Fidelis Endpoint product page
- Read the Fidelis Endpoint datasheet
About Fidelis Cybersecurity
Fidelis Cybersecurity is creating a world where attackers have no place
left to hide. We reduce the time it takes to detect attacks and resolve
security incidents. Our Fidelis
Network™ and Fidelis
Endpoint™ products look deep inside your traffic and content where
attackers hide their exploits. Then, we pursue them out to your
endpoints where your critical data lives. With Fidelis you'll know when
you're being attacked, you can retrace attackers' footprints and prevent
data theft at every stage of the attack lifecycle. To learn more about
Fidelis Cybersecurity products and incident response services, visit www.fidelissecurity.com
and follow us on Twitter @FidelisCyber.
View source version on businesswire.com: http://www.businesswire.com/news/home/20161130005460/en/