SentinelOne, the company transforming endpoint protection by delivering unified, multi-layer protection driven by machine learning and intelligent automation, today launched its first Enterprise Risk Index which highlights the growing use of in-memory attacks, further proof that attacks simply cannot be stopped by traditional, static, file inspection security solutions.
The report includes an analysis of filtered data from more than one million SentinelOne Enterprise Platform agents deployed worldwide during the last half of 2016. Findings are based on behavioural analysis of malware programs that bypassed firewalls and network controls to infect endpoint devices.
“These days, infecting a target is just a matter of resources; but how long the hackers get to stay inside the network is a matter of good detection,” said Andy Norton, EMEA risk officer for SentinelOne and lead researcher for the Enterprise Risk Index. “In our analysis we focused on the attacks that are successful in making their way past traditional defences to reach endpoint targets because these are the threats that pose the greatest risk to an organisation. That’s what we should be measuring – not what’s stopped at the gateway.”
The report focuses on attack methods classified into three risk categories:
From the report, “we won’t be announcing what the top malware family is – for example, Zeus, Diamond Fox or Updare – however, we do build indicators of compromise to help with identification and response, and when a hash value exists we have submitted the hash to malware repositories to see what other submissions there have been for them.”
Key findings of the report include:
“Our goal with the Enterprise Risk Index is to help organisations get a better view of which threats are successful in reaching the final barrier in enterprise defences,” said Norton. “With this data in mind, customers can better determine not only what the risks are but where they are and can adjust their security planning and investments accordingly.”
A copy of the full SentinelOne Enterprise Risk Index is available for download here.