SentinelOne, the company that’s transforming endpoint security by delivering real-time protection powered by machine learning and intelligent automation, has announced a powerful new solution aimed at protecting enterprise data centres and cloud providers from emerging threats that target Linux servers.
[easy-tweet tweet=”#CloudNews: @SentinelSec announces end-point security for #Linux servers” user=”comparethecloud”]
Today’s internet is largely powered by Linux servers, many of which have become the target of attackers looking to utilise this vast pool of resources for much larger and more aggressive campaigns. Traditionally these have consisted of DDoS attacks, but more recently attackers are increasing their utilisation of these comprised resources to distribute malware to other systems outside the affected company. When it comes to protection, Linux systems suffer from the same shortcomings inherent in traditional antivirus software that relies on static signatures for detection of threats, and provides no means to detect the thousands of new threats that emerge daily.
“As we have seen, Linux endpoints, whether they are servers or other devices, are not immune to malware and other forms of attack,” said Tomer Weingarten, CEO of SentinelOne. “To address this new threat plane, SentinelOne EPP now provides the same exceptional level of integrated threat detection, prevention and remediation for Linux machines as it does for Windows and OS X devices.”
To detect and block even the most sophisticated threats and zero-day attacks, SentinelOne uses a lightweight autonomous agent to monitor all activity in both kernel and user space (including files, processes, memory, registry, network, etc.) on the protected device. Each agent leverages the SentinelOne Dynamic Behavior Tracking (DBT) Engine which uses sophisticated machine learning to predict threats across any vector against a full context of normal application behavior. Once malicious activity is detected SentinelOne immediately employs a series of automated mitigation and quarantine processes to eliminate the threat in real-time. SentinelOne also maintains a detailed audit trail of activity for forensic analysis and reporting which is delivered to the management console in real-time.
SentinelOne is the only vendor that enables organisations to both deploy next-generation endpoint protection and replace antivirus while ensuring that industry and government regulatory requirements are met. Unlike other next-generation endpoint security products, SentinelOne EPP is certified by AV-TEST to meet regulatory requirements for antivirus protection on both OS X and Windows machines, with Linux certification under way.