Fidelis Endpoint® - Live Demonstration
1 like854 views
Fidelis Cybersecurity offers an automated endpoint detection and response solution to improve visibility, reduce response times, and enhance protection against threats. The platform provides real-time monitoring, threat detection, and automated responses to streamline security processes and mitigate alert fatigue. With a focus on increasing efficiency and effectiveness, Fidelis integrates various tools to provide comprehensive threat management across networks and endpoints.
Fidelis Endpoint® - Live Demonstration
- 1. Live Demonstration – Ensure Greater Visibility and Response with Fidelis Endpoint®
- 2. © Fidelis Cybersecurity Leader inAutomated Detection & Response 2 GLOBAL PRESENCE • Established 2002 • HQ in Washington, DC • Fortune 100 & DoD enterprise proven • 12 of the Fortune 50 • 24 of the Fortune 100 • Backed by Marlin Equity Partners PATENTED INNOVATION • Fidelis Elevate Platform • Network Detection and Response • Endpoint Detection and Response (EDR) • Data Loss Prevention (DLP) • Deception • Discovery and Classification of Data and Assets • Gartner Cool Vendor 2017 for Deception • Gartner Visionary 2017 for DLP
- 3. © Fidelis Cybersecurity The Challenges PEOPLE Security Skills Shortage TECHNOLOGY Patchwork of Security Solutions PROCESS Manual, Ad-Hoc Processes Not enough security experts for effective defense Reviewing alerts is time consuming and critical alerts are missed Overlapping tools create more work and lead to alert fatigue 3
- 4. © Fidelis Cybersecurity The Current Reality 400,000,000 events received per day 5,714 alerts generated and evaluated per day 157 incidents investigated per day Now What? Too Many Alerts | Disparate Tools | No Advanced Endpoint Detection | Not Enough Resources 4
- 5. © Fidelis Cybersecurity More Is Not the Answer More people More firewalls and prevention WHAT’S NOT WORKING? More process More alerting WHAT’S THE ANSWER? 5
- 6. © Fidelis Cybersecurity Fidelis Endpoint® 6 INCREASE visibility, REDUCE your response time, and AUTOMATE Endpoint Detection & Response.
- 7. © Fidelis Cybersecurity We Do Four Things and We Do Them Well 7 1 INCREASE visibility to detect threats 2 REDUCE time to respond to threats 3 AUTOMATE Endpoint Response 4 ENHANCE your endpoint protection
- 8. © Fidelis Cybersecurity Fidelis Endpoint® 8 VISIBILITY Trigger intelligent actions from dynamic analysis; close security lifecycle loop Instantly validate alerts by correlating network/ endpoint data with threat correlation engine Monitor endpoint activity; find compromised systems DETECTION RESPONSE Decrease Theft of Assets & IP Lower Overall Cost of Response Minimize Disruption to Business Mitigate Damage to Reputation/Integrity
- 9. © Fidelis Cybersecurity A Day in the Life – Before Fidelis Endpoint 9 Review alert and determine what info is needed to validate it. Review information and determine if the endpoint is compromised. If compromised, figure out if you should clean it or re-image it. Wonder to yourself if that’s the only compromised endpoint. Then move on. Manually update your firewall and breach detection rules. BEST CASE Hours or Days Get info back from IT. It’s wrong (or not enough). Open a ticket with IT to ask someone to go get the information.
- 10. © Fidelis Cybersecurity10 Fidelis finds everywhere else the same thing that occurred now and in the past. Fidelis automatically prevents the threat going forward. You decide on remediation activity and initiate it. Fidelis detects, validates and creates a real alert. Fidelis automatically gathers all relevant info for investigation. Fidelis automates response playbooks. TYPICAL CASE MINUTES (vs. Hours or Days) AUTOMATED AUTOMATED A Day in the Life – With Fidelis Endpoint
- 11. © Fidelis Cybersecurity Fidelis Endpoint® Gain Greater Visibility and Deeper Insight • Gain visibility into all threat activity at the endpoint • Monitor endpoints (in real-time and retrospectively) on and off the network • Playback analysis enables recording of key events and automatically delivers a timeline related to suspected incidents, along with the prioritized alerts Detect Threats Faster and More Effectively • Real-time detection driven by behavioral rules and indicators provided by Fidelis research team, third party feeds, custom behavioral rules and Fidelis AV • Hunt for threats directly on the endpoint, in both the file system and memory • Leverage threat intelligence to automatically detect threats from system events 11
- 12. © Fidelis Cybersecurity Fidelis Endpoint® Automate Endpoint Response • Integrate with SIEMs, NGFWs, and more to execute response actions to alerts • Access large library of response scripts with flexibility to create your own • Isolate the endpoint, rollback to previous snapshot, CVE scanning, etc. • Create automated responses to kick-off remediation or deep analysis Enhance Your Endpoint Protection (Add-on AV Capability) • Robust detection and prevention integrated into the event recording features • Traditional signature and heuristic-based detection and prevention of threats • Quarantine files and block execution • Prevent process execution 12
- 13. © Fidelis Cybersecurity Eliminating Agent Fatigue = Efficiency/Effectiveness Gains 13 System / Vulnerability Management Endpoint Detection and Response Endpoint DLP Host Firewall / IDS Endpoint Protection Platform (AV / AV 2.0) Endpoint Detection and Response Endpoint Protection Platform (AV / AV 2.0) EMC/RSA (ECAT) Fidelis Endpoint®
- 14. © Fidelis Cybersecurity Automated Endpoint Validation & Response (With Fidelis Network® Integration) • Highlight the importance of an alert with endpoint activity validation • Automatically prioritize important alerts • Answer critical analytic questions ahead of time (compared to non-validated alerts) • Be certain that the alerts you are looking at are actionable • Automate response with playbooks and rapid, surgical remediation capabilities 14
- 15. © Fidelis Cybersecurity Automate Detection and Response with The Fidelis Elevate™ Platform 15 Accuracy. Clarity. Certainty. • Gain threat visibility into networks, endpoints and cloud environments • See north-south traffic, lateral movement, and traffic going in and out of your network • Automate detection and response to reduce exposure and risk to data • Respond to threats at the endpoint • Mitigate data leakage and exfiltration • Reduce dwell time with an active post- breach defense
- 16. Demo
- 17. © Fidelis Cybersecurity Fidelis Endpoint Deployment Architecture 17
- 18. © Fidelis Cybersecurity Questions and Next Steps • Read the Datasheet https://www.fidelissecurity.com/resources/datasheets/endpoint • Request a Demo • Endpoint: www.fidelissecurity.com/products/endpoint/demo • Elevate: www.fidelissecurity.com/products/security-operations-platform/demo • Free Elevate Assessment www.fidelissecurity.com/fidelis-elevate-security-assessment 18
- 19. Thank You!