Progent's ProSight Active Security Monitoring services feature advanced behavior analysis technology by SentinelOne to provide state-of-the-art protection for all endpoints as well as servers. This approach to malware protection addresses the latest wave of cyber attacks, such as crypto-ransomware, which routinely avoid filtering by conventional signature-matching anti-virus (AV) techniques. Progent is a SentinelOne Partner, dealer, and integrator.
Progent's Active Security Monitoring gives small and mid-sized businesses the advantages of the same AV tools used by some of the world's biggest corporations such as Walmart, Citi, and NASDAQ. By delivering real-time malware blocking, detection, containment, repair and analysis in a single integrated platform, ProSight ASM reduces TCO, simplifies management, and expedites operational continuity. The next-generation endpoint protection (NGEP) incorporated in Progent's Active Security Monitoring was ranked by Gartner Group as the "most visionary Endpoint Protection Platform (EPP)."
ProSight Active Security Monitoring online services utilize a small-footprint agent loaded on each enrolled endpoint and server to create a dynamic security grid that responds to potential malware instantly and orchestrates unified defense that includes:
Progent's ProSight ASM and the Current Cybersecurity Landscape
Over 97% of ransomware breaches could have been deterred by modern security utilities. Unfortunately, some assaults will break through the best protective measures. The modern security environment is too filled with tireless extortionists, including government-sponsored threat actors, for any organization to consider itself impregnable. With this in mind, ProSight Active Security Monitoring is intended not just to keep ransomware from gaining access to your information network, but also to respond powerfully to any detected penetration. This includes instant isolation of infected devices, automatic threat removal, fast immunization of all machines by means of embedded agents, single-click restore to a pre-attack state and comprehensive forensic analysis to show you how to bolster your cybersecurity defense to ward off subsequent attacks. By providing advanced defenses during all phases of a cyber assault, ProSight Active Security Monitoring offers a comprehensive platform for surviving today's increasingly dangerous cybersecurity landscape and avoiding the economic and reputation loss associated with a serious cybersecurity breach.
Endpoints such as desktops, notebooks and phones are the most vulnerable and most commonly attacked components of a network. Progent's Active Security Monitoring services offer a unified endpoint protection (EPP) solution to handle the full lifecycle of a malicious assault including blocking, classification, remediation, cleanup and forensics. Threats managed by ProSight Active Security Monitoring include:
Modern AV tools supplement conventional signature-based detection with behavior analysis. This technique tracks the activity of a possible attack and determines whether the activity is typical and innocuous or unusual and possibly threatening. For example, does the code under observation impact an unusually large number of processes? Does it alter the registry? Does it save keystrokes? Basically, behavior analysis focuses on potentially dangerous actions instead of on a fixed signature, which an adversary can quickly nullify simply by changing a few bytes of malware code.
Prevention: Before the Breach
New threats are being developed fast enough to overwhelm the capacity of signature-style anti-virus labs. The market started to recognize the limitations of signature-matching EPP about a decade ago. Since then things have become more serious.
Progent's ProSight Active Security Monitoring uses modern cloud-based anti-virus centers and reputation services from leading providers to stop recognized malware attacks. This combined with deep file inspection and shared blacklisting and whitelisting give Progent's Active Security Monitoring an advantage over traditional anti-virus solutions. Still, prevention is only the initial phase of next-generation AV protection. Sophisticated exploits, file-less and script-based assaults easily slip by signature-based systems. For example, hackers often employ a so-called packing technique to camouflage malware code so security researchers and anti-virus software are unable to recognize the threat.
Recognition and Response: During the Assault
The next phase of the endpoint protection process involves reacting to a cyber attack while the malware code is running after a break-in. Progent's ProSight Active Security Monitoring uses next-generation endpoint protection technology to detect malicious activity resulting from any attack that penetrates the first wall of defense. To compromise data, even file-less threats such as memory-resident assaults perform red-flag behaviors such as creating an executable file without authorization. Progent's ASM's low-profile resident software agent monitors activity in every enrolled endpoint device and uses advanced behavioral threat analysis and deep execution context to recognize new assaults immediately after they start. After an assault is detected, Progent's Active Security Monitoring immediately quarantines the impacted endpoint from the network to minimize the damage. Since the ProSight Active Security Monitoring software agent runs autonomously, endpoint devices remain protectedd even if they are disconnected from the Internet.
Recovery: After a Penetration
After isolating an attack, ProSight ASM initiates the recovery process. If ProSight ASM is implemented with Microsoft Windows Volume Shadow Copy Service (Windows VSS), modifications to data caused by a cyber attack can be automatically rolled back to a safe state with a single click. Progent's ASM also logs any system files and configurations that were modified by the attack and what files were restored. Any time ProSight ASM detects a recent malicious binary, the malware code is flagged and all devices on the system that are secured by ProSight ASM agents are inoculated against the latest assault. Also, the ProSight Active Security Monitoring management tool provides comprehensive forensics such as an informative visualization of the assault's storyline throughout the targeted network from start to finish. This history of how an assault travelled within the network helps your IT staff to assess the impact and brings to light weaknesses in policies or work habits that need to be rectified to prevent future breaches.
Download the ProSight ASM Datasheet
To download a PDF datasheet about the major features of ProSight ASM services, click:
Progent's ProSight Active Security Monitoring Ransomware Protection Datasheet. (PDF - 89 KB)
Contact Progent about ProSight Active Security Monitoring Services
To learn more information about how Progent can help your business set up an affordable and efficient crypto-ransomware protection system with ProSight Active Security Monitoring service, call