The new solution integrates forensic analysis with real-time telemetry and provides global attack insights so analysts can react quickly and efficiently.
Cyber attacks are constantly increasing, and defenders need to intervene more quickly. To make rapid decisions and act promptly, security teams must identify the most relevant insights. It's a difficult task, but SentinelOne, provider of a cybersecurity platform with autonomous response capabilities, is steadily improving its digital forensics capabilities to simplify the work of security teams. The company recently released Singularity RemoteOps Forensics, a new digital forensics solution that enables companies of all sizes to respond to attacks by launching efficient and simplified search and detection activities, with unprecedented speed and scalability.
“Threat reporting and response times have significantly shortened, and it is imperative that security teams have advanced forensics capabilities that speed investigations, and Singularity RemoteOps Forensics delivers just that,” said Jane Wong, Senior Vice President of Products and Strategy at SentinelOne.
Fully integrated with SentinelOne's Singularity™ platform and offered as an add-on to SentinelOne's endpoint and cloud workload security solutions, RemoteOps Forensics is a fast, efficient and versatile digital forensics and incident response solution that security teams can use to:
- Optimize resources and accelerate mean time to resolution
- Perform ad hoc or predefined, input-based evidence collection, enabling targeted investigations into one or more assets, including endpoints and server workloads
- Automate the collection of evidence, such as procedures, interfaces, service lists, MFTs, Amcache, JumpLists, and memory dumps, and orchestrate them in less than a minute
- Consolidate evidence into a single data pool through the Singularity Security DataLake, correlating data from SentinelOne and partners with forensic data in the same search to build a complete picture of the attack, quickly identify the root cause, and take steps to reduce risk
- Analyze collected evidence alongside Endpoint Detection and Response (EDR) data in a single console to proactively defend against future threats
- Correlate and analyze integrated data to uncover hidden indicators of compromise, identify advanced attack patterns, and understand the tactics, techniques, and procedures used by threat actors.
Thanks to complete integration with the SentinelOne agent, RemoteOps Forensics eliminates the need to deploy and use multiple tools during the investigation phase, saving companies time and resources. The solution makes searches more forensically sound because fewer disk changes are made and SentinelOne uses anti-tampering and metadata collection capabilities to ensure data integrity.
“SentinelOne's new forensic capabilities revolutionize incident response, enabling security teams to conduct thorough investigations in short order, without the need for industry experts or additional tools,” added Wong.
Singularity RemoteOps Forensics is available.






