- Company (that provides the nominated product / solution / service): Endgame
- Website: https://www.endgame.com
- Company size (employees): 145
- Product Version Number: Version 2.0
- Type of solution: Software
- Year this product or service was first introduced to the market: 2016
- Year the current version of this product or service has been released: 2016
In 3 bullets, summarize why this product or service deserves recognition:
- Endgame prevents, stops and hunts for exploits, malware and malwareless attacks at the earliest and all stages of the kill chain.
- Endgame empowers Tier 1 SOC analysts to be productive to stop advanced attacks before damage and loss occur.
- Endgame's technology and techniques are proven to detect and respond rapidly to cyber threats in the most extreme environments - from defending US national security interests to protecting the world's critical infrastructure.
Here are the benefits that Endgame customers experience from the platform:
- Stop Damage and Loss: IOC-independent prevention and detection stop advanced adversaries at the earliest and all stages of the kill chain.
- Transform Hunt, IR and SOC teams: Automated hunts equip analysts with collection, investigation, and intelligent response, ensuring instant enterprise-wide detection and remediation.
- Eliminate IR and Forensic Costs: Early prevention and accelerated detection minimize adversary dwell time, eliminating investigation and forensic costs.
- Zero Business Disruption: Thread-level response evicts advanced attackers out of enterprise networks without disrupting normal business operations.
In less than 300 words, summarize the most important features and benefits of this product or service
Earliest Prevention: Endgame prevents known and unknown threats at the earliest stages of the attack cycle without relying on IOCs, before damage and loss occur.
– Endgame’s predictive exploit prevention stops adversaries in real time before they execute code by autonomously predicting changes in program control flow to pre-empt malicious execution.
– Endgame MalwareScore™ detects known and unknown malicious files without relying on signatures, streamlining the detection process by providing key information to focus analysts’ attention.
– Fileless attack protection prevents malware-less attacks with patented process injection and identifies advanced evasion techniques attackers use to hide their presence in enterprise networks.
Accelerated Detection: Endgame stops attackers at the earliest stages of the attack life cycle by detecting advanced techniques across the breadth of the attacker life cycle and depth of the ATT&CK matrix. By monitoring chokepoints within the operating system, we detect advanced techniques such as privilege escalation, malicious persistence, credential theft, lateral movement, and in-memory attacks.
Hunt Automation: Automated collection, analysis and response reduce the hunt from days to seconds with one-click detections of adversary techniques at scale across the network. Whitebox analytics help analysts surface suspicious artifacts across millions of records in minutes, before damage and loss occur. Two-way API support ensures integration with workflow, external data, and existing process and reporting.
Uninterrupted Operations: Endgame’s single lightweight agent prevents, detects and responds to advanced threats, with on-demand and persistent deployment options across the entire enterprise. Signature diversity within and across enterprises prevents fingerprinting of the agent. Industry-leading anti-tampering protections prevent disabling, protecting hunt operations from disruption.