The threat landscape has changed dramatically over the past several years. While file-based threats are still a real consideration, more than half of today’s malware is NOT file-based. The introduction of script-based attacks and memory-based threats gives today’s threat actors a new way to attack your clients. Plus, when threats are happening globally, and covered on national news, your clients are scared and they need someone to turn to.
While the number of ransomware families grew as predicted, ransomware reached its peak with the WannaCry and Petya attacks. WannaCry alone is estimated to have infected 300,000 machines around the world and to have caused financial and economic losses of up to $4 billion. These unprecedented attacks showed that cybercriminals are diversifying the methods, exploits, and attack vectors they use. This is further proven by ransomware targeting non-Windows systems as well as variants capable of evading machine learning and sandbox detection. With ransomware evolving, MSPs must consider a single multi-layered security solution to reduce the risk of being compromised.
Why Anti-virus Is No Longer Effective
The number of recognized threats is growing exponentially. There are over 75,000 new malicious programs every day. Even if it were possible to keep virus signatures up to date, comparing suspicious files against all of the signatures that would be required would consume all of the computer’s resources and bring performance to a grinding halt. Even with out-of-date signatures, AV scans every document, leading to a slow computer and user frustration that culminates in users disabling the software designed to protect them. Further, anti-virus products are vulnerable to zero-day attacks and many of today’s threats: AV will not scan memory or scripts, and won’t recognize file-less attacks. In fact, today’s threat actors are writing malware specifically designed to evade detection by old-fashioned AV software. Clearly a better solution is needed.
Why we chose SentinelOne
IBRS realized that SMBs didn’t have access to enterprise-level security tools, yet they are facing the same threats as larger organizations. IBRS tested more than 30 of the best security tools and selected SentinelOne as the best Next Generation Endpoint Protection solution. SentinelOne has exceptional behavioral, machine-based models that can detect nearly any type of attack, including ransomware, viruses, hacks, and zero-day attacks.
Your Next Generation Endpoint Protection (NGEP) solution needs to address six core pillars that, when taken together, can detect and prevent the most advanced attack methods at every stage of their lifecycle. SentinelOne was founded by a group of international defense and intelligence experts who saw the need for a dramatic new approach to endpoint protection. The SentinelOne Endpoint Protection Platform (EPP) leverages advanced machine learning and intelligent automation to protect Windows, OS X, and Linux-based endpoint devices from threats across all major vectors: advanced malware (file- and memory-based), exploits and stealthy script-based attacks. It closely monitors every process and thread on the system, down to the kernel level. A view of system-wide operations – system calls, network functions, I/O, registry, and more – as well as historical information, provides a full context view that distinguishes benign from malicious behavior. Once a malicious pattern is identified and scored, it triggers an immediate set of responses ending the attack before it begins.