CounterTack Sentinel is as much a cybersecurity solution as it is a Big Data platform for security data. Architected from four major technological components, Sentinel delivers a best-of-breed endpoint threat detection and response solution to counter advanced threats and scale across the enterprise.
CounterTack Sentinel features four main technology components, listed below, that empower security teams with unprecedented visibility into endpoint incidents and attacks.
1. Driverless Sentinel Kernel Module
2. Analysis Cluster - The Sentinel Analysis Cluster allows organizations to monitor endpoints at scale, without performance degradation. CounterTack has architected the Analysis Cluster as an on-premise collection technology for enterprise-wide threat correlation.
3. Management Console - The Sentinel Management Console is a next-generation interface, based on the fundamental premise of “search.” The interface allows operators to view, filter and search for singular endpoint compromises, “Smart Groups,” behaviors, objects and processes for a holistic, customized view of your endpoint environment.
4. Knowledge Library - The Sentinel Knowledge Library delivers automated threat analysis and intelligence to operators, and ships with a comprehensive set of compromise profiles. Stateful compromise indicators (SCIs) are used to automatically identify the threats teams face, based on attack characteristics and malware, so teams can automatically classify threats in real time and leverage the context to accurately manage and counter threats.