- Company (that provides the nominated product / solution / service): Endgame
- Website: https://www.endgame.com
- Company size (employees): 145
- Country: United States
- Type of solution: Software
In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:
- Endgame prevents, stops and hunts for exploits, malware and malwareless attacks at the earliest and all stages of the kill chain.
- Endgame empowers Tier 1 SOC analysts to be productive and stop advanced attacks before damage and loss occur.
- Endgame's technology and techniques are proven to detect and respond rapidly to cyber threats in the most extreme environments - from defending US national security interests to protecting the world's critical infrastructure.
Here are the benefits that Endgame customers experience from the platform:
- Stop Damage and Loss: IOC-independent prevention and detection stops advanced adversaries at the earliest and all stages of the kill chain.
- Transform Hunt, IR and SOC teams: Automated hunts equip analysts with collection, investigation, and intelligent response ensuring instant enterprise-wide detection and remediation.
- Eliminate IR and Forensic Costs: Early prevention and accelerated detection minimize adversary dwell time, eliminating investigation and forensic costs.
- Zero Business Disruption: Thread-level response evicts advanced attackers out of enterprise networks without disrupting normal business operations.
Earliest Prevention: Endgame prevents known and unknown threats at the earliest stages of the attack cycle without relying on IOCs, before damage and loss occur.
– Endgame’s predictive exploit prevention stops adversaries in real time before they execute code by autonomously predicting changes in program control flow to pre-empt malicious execution.
– Endgame MalwareScore™ detects known and unknown malicious files without relying on signatures, streamlining the detection process by providing key information to focus analysts’ attention.
– Fileless attack protection prevents malware-less attacks with patented process injection and identifies advanced evasion techniques attackers use to hide their presence in enterprise networks.
Accelerated Detection: Endgame stops attackers at the earliest stages of the attack life cycle by detecting advanced techniques across the breadth of the attacker life cycle and depth of the ATT&CK matrix. By monitoring chokepoints within the operating system, we detect advanced techniques such as privilege escalation, malicious persistence, credential theft, lateral movement, and in-memory attacks.
Hunt Automation: Automated collection, analysis and response reduce the hunt from days to seconds with one-click detections of adversary techniques at scale across the network. Whitebox analytics help analysts surface suspicious artifacts across millions of records in minutes, before damage and loss occur. Two-way API support ensures integration with workflow, external data, and existing process and reporting.
Uninterrupted Operations: Endgame’s single lightweight agent prevents, detects and responds to advanced threats, with on-demand and persistent deployment options across the entire enterprise. Signature diversity within and across enterprises prevents fingerprinting of the agent. Industry-leading anti-tampering protections prevent disabling, protecting hunt operations from disruption.