SentinelOne

SentinelOne’s approach mitigrates the full attack-cycle (pre-execution, on-execution and post-execution) and detects advanced malware, exploits and sophisticated attack based on behavioral analytics.





The SentinelOne Endpoint Protection Platform (EPP) and Datacenter Protection Platform (DPP) are very scalable, while the endpoint have a very low footprint on the systems. The full detection and prevention measures happen real-time on the endpoint, while the endpoints are all connected safely to a central management console.

After extensive testing by leading labs such as AVTest & NSS Labs, SentinelOne received the label of certified replacement for Anti-virus. On top of that, SentinelOne received very good rating from Gartner and NSS Labs, and meets the heavy PCI DSS 3,1 en HIPAA regulations.
 

Exabeam

SIEMs are typically more than a decade old.  Times have changed since then. Just thinking about the contents of your pocket will prove this.  We went from flip phones and Motorola razrs to iPhone 7s and Androids.   This same change has happened to the IT environments in which SIEMS operate: They have changed – massively – and SIEMs have stayed the same. 

This manifests itself in a number of ways:
 
  1. The data volumes we deal with today are massively larger than those of a decade ago.  We’re talking about an increase of 10 times or more. 
  2. Attacks have changed from Simple, transactional attacks like SQL Injection to Complex, long running attacks which involve lateral movement, touch many systems, and involve multiple credentials.
  3. Infrastructure has changed.  We’ve gone from an on premise, data center centric world to one in which many critical services may be offered via cloud based services.  We’ve also seen the transition from workstations to BYOD and mobile.
  4. Finally, there is a skills shortage which results from a combination of these forces,  There are more attacks today, more tools, more complex technology, and steeper learning curves. This makes it harder to find talent capable of filling staffing requirements.

To solve this problem, Exabeam has created the Exabeam security intelligence platform.  This analytics led platform offers a suite of solutions which help customers collect all of their data, to detect complex modern threats, and to effectively and efficiently respond to those threats.

The star solutions in this portfolio are:
 
  • Exabeam log manager which provides unlimited logging at a cost effective price. This product is aided by Exabeam cloud connectors to import data from popular cloud based services.
  • Next is Exabeam Advanced Analytics, Exabeam’s UEBA solution.  This is the world’s most deployed UEBA solution, aided in detection by Exabeam Threat Hunter, a solution that allows analysts to proactively search networks for adversaries.





 
  • For response, Exabeam makes use of Incident Responder, an automated incident response tool which uses API based integrations and workflow automation to amplify the abilities of your SOC team.

All of this is tied together with Exabeam’s session data framework which is a patented data structure that enriches context, detects lateral movement, and automated incident investigation