Chief Product Officer
Scalable, Real-Time Endpoint Detection
and Response for the Enterprise
Today, organizations face cyberthreats that are targeted directly at them. And, despite having people, process and technology in place, including endpoint protection technologies, many threats still penetrate and attack the innermost assets within the enterprise, as seen yet again by the recent disclosure of the Equifax breach. Attackers have become smart; they study their targets using highly sophisticated tactics and methodologies with the objective of penetrating existing defenses. CounterTack is assisting firms in responding to these needs with a real-time, behavior-based platform that leverages memory forensics and machine learning to identify advanced unknown threats including the recent spate of ransom ware attacks. CounterTack’s Endpoint Threat Platform consolidates multiple capabilities like DLP, insider threat and threat protection into a single sensor providing the highest level of endpoint threat detection and response available today.
CounterTack began delivering EDR and a unique Endpoint Threat Platform (ETP)in its current form in 2011 and went on to build core competencies in creating advanced kernel-mode sensors, including modifications to the Windows kernels as well as hypervisors. “We also advanced our expertise in collecting and managing large volumes of data in real-time. These experiences helped us build a robust real-time sensor with an embedded state machine, and a highly scalable backend to handle large volumes of time-series data in real-time,” says Rajendra Dodhiawala, Chief Product Officer of CounterTack. Commensurate with malware dwell times, CounterTack is the only platform that can store endpoint telemetry data for months (instead of days that competitive solutions do) and make this data available for real-time searches, analysis and machine learning.
CounterTack has maintained a growing, healthy book of business by focusing on their core competencies: understanding OS events to determine behaviors, complemented by patented, in-memory binary analysis, continuing to make the sensor more intelligent and more capable for real-time response, and building a scalable backend to support hundreds of thousands of endpoints with a single on-premise or cloud based deployment. More importantly, CounterTack provides confidence and conviction identifying “why something is bad” and not just a simple yes/no answer.
" We also advanced our expertise in collecting and managing large volumes of data in real-time. These experiences helped us build a robust real-time sensor with an embedded state machine, and a high scalable backend to handle large volumes of time-series data in real-time."
Taking threat prevention to “the next level” is CounterTack’s competitive advantage. CounterTack’s does this with the market’s only comprehensive behavior-based memory analysis intelligence engine. The engine leverages CounterTack’s Digital DNA (DDNA). DDNA automatically reverse-engineers memory of running processes, examining the process code for potentially malicious behavioral traits and threats. This unique memory-based analysis and response is the industry’s only solution for detecting and responding to unknown non-signature-based threats. One of CounterTack’s customers, in the business of designing and building project like nuclear power plants and oil refineries evaluated all available options and chose CounterTack as their key go-to attacks on their systems. After evaluating all available solutions, they opted for CounterTack’s ETP as their key go-to product for any incident. Their CISO states, “CounterTack is the most important security solution in my entire arsenal of security products.”
CounterTack’s ETP is available as a standalone, on-premise platform that can be implemented and managed by internal IT resources. In addition, for organizations who prefer a managed deployment, CounterTack’s ETP Platform is available through CounterTack’s Managed Security Service Providers (MSSP) partners, including Trustwave. CounterTack’s flagship product is our Endpoint Threat Platform (available from CounterTack or through our MSSP partners.) CounterTack also offers a portfolio of tools for threat detection, forensics and security health check.
For the road ahead, CounterTack aims at continuous growth and innovation with the goal of providing the industry’s most complete endpoint security platform. “We are continuously extended our behavioral detection, response and protection capabilities, many of which will execute in real-time directly on the endpoint, along with the ability to protect the endpoint when offline for extended periods of time. We have made significant breakthroughs in new ways to leverage supervised and semi supervised machine learning to enhance our conviction models, enabling us to deliver even faster and scalable prevention capabilities,” concludes Dodhiawala.
Chief Product Officer
CounterTack provides unique combination of threat context, resiliency and broad visibility is purpose-built to mitigate endpoint risk and reduce the impact of advanced attacks of products and services.