turning the elusive into the tangible · vmware software powers the world’s complex digital...
eSentire, Inc., the global leader in Managed Detection and Response (MDR), keeps organizations safe from constantly evolving cyberattacks that technology alone cannot prevent. Its 24x7 Security Operations Center (SOC), staffed by elite security analysts, hunts, investigates, and responds in real-time to known and unknown threats before they become business disrupting events. Protecting more than $6 trillion AUM, eSentire absorbs the complexity of cybersecurity, delivering enterprise-grade protection and the ability to comply with growing regulatory requirements. For more information, visit www.esentire.com and follow @eSentire.
The problem: Prevention technology is not enough and your security staff can’t keep up
How can you prevent unknown zero-day attacks?
Threat actors continuously find ways to circumvent endpoint detection, so your defenses must continuously evolve to stay ahead of new attacker behaviors.
Organizations that experienced an endpoint attack which compromised data assets and/or IT infrastructure.1
Technology tools and automation are an important piece of the puzzle for stopping known attacks in their tracks, but you cannot ring an alarm on the elusive. Understanding and predicting attacker behavior is a critical component in the evolution of endpoint security.
The solution: Modern endpoint security
You need a holistic endpoint security solution that combines leading endpoint protection technology and predictive security modeling with 24x7 monitoring, machine learning and elite threat hunting to enable organizations to detect and stop the elusive.
eSentire esENDPOINT, powered by VMware Carbon Black
esENDPOINT combines eSentire’s elite threat hunting with VMware Carbon Black’s next-generation antivirus and EDR capabilities to eliminate blind spots traditional prevention misses. VMware Carbon Black’s predictive threat modeling combines with eSentire’s proprietary machine learning technology to continuously tune the latest detection measures to prevent known attacks and identify potential unknown and zero-day threats. Recognized threats are automatically blocked at the endpoint with VMware Carbon Black’s technology, and an elite team of eSentire’s threat hunters rapidly investigates and neutralizes the most elusive of threats, preventing lateral spread.
VMware software powers the world’s complex digital infrastructure. The company’s cloud, networking and security, and digital workspace offerings provide a dynamic and efficient digital foundation to customers globally, aided by an extensive ecosystem of partners. Headquartered in Palo Alto, California, VMware is committed to being a force for good, from its breakthrough innovations to its global impact. For more information, please visit https://www.vmware.com/company.html. VMware and Carbon Black are registered trademarks or trademarks of VMware, Inc. or its subsidiaries in the United States and other jurisdictions. This article may contain hyperlinks to non-VMware websites that are created and maintained by third parties who are solely responsible for the content on such websites.
1, 2, 3: The Third Annual Study on the State of Endpoint Security Risk – Ponemon Institute, January 2020
4: VMware Carbon Black - 2020 Cybersecurity Outlook Report
5: Source: a commissioned study conducted by Forrester Consulting on behalf of VMware, January 2020
6, 7: The Third Annual Study on the State of Endpoint Security Risk – Ponemon Institute, January 2020
8: VMware Carbon Black - 2020 Cybersecurity Outlook Report
The best defense is a good offense
Top 10 Malware Behaviors of 2019*
Attacker behavior continues to evolve and become more evasive. VMware Carbon Black observed evasion behaviors in 90% of malware samples analyzed, a clear indication that attackers are increasingly attempting to circumvent legacy security solutions.8
Defenders need to shift from a purely prevention (blocking) mindset to a behavioral (hunting) methodology.
Attacks respondents believe antivirus misses.7
Traditional Antivirus:
Endpoint detection and response (EDR) technology:
Successful endpoint breaches that are new zero-day attacks.2
Of organizations say it is likely they will experience a new or unknown zero-day attack.3
VMware Carbon Black security experts observed defense evasion behavior in 90% of malware and 95% of ransomware samples analyzed.4
Do not have the staff to support the technology.6
Of IT and security respondents report teams are understaffed.5
Defense Evasion: Software Packing
Defense Evasion: Hidden Window
Command & Control: Standard Application Layer Protocol
Discovery: Process Discovery
Persistence: Registry Run Keys/Startup Folder
Defense Evasion: Modify Registry
Defense Evasion: Virtualization/Sandbox Evasion
Discovery: File & Directory Discovery
Command & Control Lateral Movement: Remote File Copy
Discovery: Time Discovery
*Source: VMware Carbon Black
[Bar chart; axis: total count, 0 to 800]
Turning the Elusive into the Tangible
Understand cyberattacker behavior to effectively hunt endpoint threats.