New Interpretability Features Ease Threat Hunting, Dynamic Protection and Active Mitigation, Further Extending Security Value while CrowdStrike and Carbon Black Play Catchup

Waltham, MA – CounterTack+GoSecure, the leading provider of Predictive Endpoint Security Platform and MDR Services for the enterprise, announces a major new release of its open and flexible Endpoint Protection Platform (EPP). The new features expand the Platform’s Predictive Analytical capabilities that interpret threat data in simple English enabling proactive response and mitigation. The new capabilities greatly reduce the complexity that security analysts have to deal with to protect their endpoints from advanced threats like memory mods, fileless malware, ransomware and APTs.

Working shoulder-to-shoulder with security analysts, government clients, global MSSPs and our own cybersecurity experts, CounterTack+GoSecure studied use cases against the evolving threat landscape and delivered a range of innovative, never before available capabilities in the Platform. Customers and MSSP partners can now perform correlated threat hunting, live remote control, live memory introspection with machine learning, and more, making endpoint security much more approachable whether deployed on-premise or in the cloud.

“Once again, CounterTack+GoSecure is delivering groundbreaking new innovations in endpoint security, further distancing our technological lead from competitors like CrowdStrike and Carbon Black,” said Neal Creighton, CEO of CounterTack. “These innovations are a giant stride forward, allowing our customers and partners to respond with unprecedented speed, confidence and accuracy to advanced threats from unknown malware or malicious insiders.”

A summary of the new features in the current release is as follows:

  • Multi-Observational Analysis with interpretable results with EDR: We added an additional machine learning model that analyzes behaviors of code in memory before it executes. The endpoint sensor dynamically examines, in real-time, millions of possible behavioral capabilities, both good and bad. It applies a multi-model machine learning algorithm that not only asserts if the code is malicious but provides specific reasons why our algorithm believes so. This interpretability is key to helping security analysts perform faster, more confidently and with better prioritization of their analysis, triage and mitigation. Coupled with our existing automatic response capability, we enable dynamic prevention, or the ability to stop, in real-time and without user intervention, any process from continuing to run when it is malicious or becomes malicious. For example, when a previously good process is exploited, it will be terminated before the exploit payload is launched.
  • Live Remote Control: The Platform’s real-time interactive shell can connect remotely to the endpoint for triage and investigation. In contrast to conventional approaches in competitive products that execute a few select commands, the security analyst can use Live Remote Control to request real-time DDNA memory analysis on a per process basis, retrieve memory dumps, perform file downloads or uploads, run any command, access registry keys and files – all without relying on external tools from 3rd parties that can be blocked, flagged or compromised by attackers.
  • Context-Driven Threat Intel: While external intelligence is integral to all EDR products, security analysts have consistently reported that they are overwhelmed with the amount of external threat intelligence and are unable to consume it even when correlated with endpoint telemetry. Our Platform’s new scoring approach isolates the needle in the needlestack and aids in prioritizing threats more accurately by leveraging external intelligence within Behavioral Analysis, bubbling up the right information more quickly while reducing noise.
  • Relationship Graph from anywhere: Process Trees are common in many security products and useful to see the system view of what was running around the time of the incident. Security analysts tell us that they still struggle to sift through volumes of the per-process views in order to determine root cause. Our Platform’s Relationship Graphs create a root cause based graphical view that automatically correlates our Predictive Analysis with process, file, registry, and network events, along with the artifacts that are most pertinent to the analysis including matching external threat intelligence to behaviors – all on one screen – enabling faster time to mitigation and easier communication between tiers of analysts on why something is good or bad.


About GoSecure
GoSecure is a recognized cybersecurity leader, delivering innovative managed security solutions and expert advisory services. GoSecure Titan® managed security solutions deliver multi-vector protection to counter modern cyber threats through a complete suite of offerings that extend the capabilities of our customers’ in-house teams. GoSecure Titan Managed Detection & Response (MDR) offers a best in class mean-time-to-respond, with comprehensive coverage across customers’ networks, endpoints and inboxes. For over 10 years, GoSecure has been helping customers better understand their security gaps, improve organizational risk and enhance security posture through advisory services provided by one of the most trusted and skilled teams in the industry.

    Media Contact

      info@gosecure.net
