SAN FRANCISCO – April 18, 2018 – SentinelOne, the autonomous endpoint protection company, has announced the addition of new Risk and Vulnerability Management capabilities in the SentinelOne Endpoint Protection Platform - empowering customers to prioritize the most vulnerable applications, devices, and groups on their networks.
Vulnerable software applications are increasingly targeted by attackers to compromise endpoints and gain a persistent presence on targeted networks. The SentinelOne Endpoint Protection Platform maintains an up-to-date inventory of all applications installed on the endpoints on which its agent is installed. By correlating this information with the National Vulnerability Database (NVD), SentinelOne is able to produce risk reports to identify vulnerable applications, devices, and groups. This enables customers to proactively secure the pathways attackers are most likely to take.
“New vulnerabilities are discovered every day, but organizations often find out about them too late in the cycle to prevent attacker exploitation. Vulnerability scanners like Qualys or Rapid7 can take a long time to generate vulnerability reports, by which time attackers may have already exploited the weaknesses,” said Raj Rajamani, VP of Product Management, SentinelOne. “SentinelOne is the only next-gen endpoint protection platform to natively provide highly-accurate and comprehensive reports without performing a scan. This enables customers to stay ahead of attackers by identifying the vulnerable points they’ll try to exploit.”
Endpoint devices, especially laptops, are assigned dynamic IPs using DHCP. When using un-credentialed scans, associating the results with the right device is a time-consuming task. Credentialed scans require shared credentials or pose a credential management nightmare. As a result, these assets are seldom covered by vulnerability scans.
“Another weakness of traditional vulnerability management is that they only identify the problem, but do not solve them,” said Rajamani. “SentinelOne protects against known and unknown vulnerabilities using its Exploit Shield technology.”
The Risk and Vulnerability reports are available for applications on all supported platforms - Windows, MacOS, and Linux. The Risk report uses various factors including vulnerabilities, agent version, user location/risk, and countermeasures to create a prioritized list of applications for patching.
For more information, please visit www.sentinelone.com. SentinelOne will be showcasing Risk and Vulnerability Reports during RSA at booth #935 Moscone South.
SentinelOne delivers autonomous endpoint protection through a single agent that successfully prevents, detects and responds to attacks across all major vectors. Designed for extreme ease of use, the S1 platform saves customers time by applying AI to automatically eliminate threats in real time for both on premise and cloud environments and is the only solution to provide full visibility across networks directly from the endpoint. To learn more visit sentinelone.com or follow us at @SentinelOne, on LinkedIn or Facebook.