SentinelOne,†the†autonomous endpoint protection company, announced the addition of new Risk and Vulnerability Management capabilities in the SentinelOne Endpoint Protection Platform – empowering customers to prioritize the most vulnerable applications, devices, and groups on their networks.
Vulnerable software applications are increasingly targeted by attackers to compromise endpoints and gain a persistent presence on targeted networks. The SentinelOne Endpoint Protection Platform maintains an up-to-date inventory of all applications installed on the endpoints on which its agent is installed. By correlating this information with the†National Vulnerability Database†(NVD), SentinelOne is able to produce risk reports to identify vulnerable applications, devices, and groups. This enables customers to proactively secure the pathways attackers are most likely to take.
“New vulnerabilities are discovered every day, but organizations often find out about them too late in the cycle to prevent attacker exploitation. Vulnerability scanners like Qualys or Rapid7 can take a long time to generate vulnerability reports, by which time attackers may have already exploited the weaknesses,” said Raj Rajamani, VP of Product Management, SentinelOne. “SentinelOne is the only next-gen endpoint protection platform to natively provide highly-accurate and comprehensive reports without performing a scan. This enables customers to stay ahead of attackers by identifying the vulnerable points they’ll try to exploit.”
Endpoint devices, especially laptops, are assigned dynamic IPs using DHCP. When using un-credentialed scans, associating the results with the right device is a time-consuming task. Credentialed scans require shared credentials or pose a credential management nightmare. As a result, these assets are seldom covered by vulnerability scans.
“Another weakness of traditional vulnerability management is that they only identify the problem, but do not solve them,” said Rajamani. “SentinelOne protects against known and unknown vulnerabilities using its†Exploit Shield†technology.”
The Risk and Vulnerability reports are available for applications on all supported platforms – Windows, MacOS, and Linux. The Risk report uses various factors including vulnerabilities, agent version, user location/risk, and countermeasures to create a prioritized list of applications for patching.