CIO Influence
Analytics CIO Influence News Cloud

Uptycs Enables Security Teams To Neutralize Immediate Threats Without Delay, With New Remediation And Blocking Capabilities

Uptycs Enables Security Teams To Neutralize Immediate Threats Without Delay, With New Remediation And Blocking Capabilities

Security Teams Can Now Safely Mitigate Breaches and Block Attacks in Real-Time without Waiting for It Policy Changes

Uptycs, provider of the first cloud-native security analytics platform enabling cloud and endpoint security from a common solution, announced Uptycs Protect, which adds new blocking and remediation capabilities in their extended detection and response (XDR) offering. Now, security and compliance teams can immediately take action to stop and remove malicious actors in real time, mitigate the performance risk of blocking actions, and independently remediate compliance related policy violations.

Recommended ITech News: Atos to provide Australia’s Federal Government Agencies Cloud services

Uptycs already provides leading threat detection and investigation as evidenced by its results from the 2020 ATT&CK® Evaluations for Enterprise performed by MITRE Engenuity. The enhanced response capabilities announced in Uptycs Protect have been a popular request from customers, enabling consolidation of their endpoint tooling and improving their speed to incident response.

“Based on how fast vulnerabilities can be exploited, organizations must be prepared to perform emergency remediation on key systems within hours of a vendor releasing a patch to address a vulnerability, as well as heavily invest in mitigation measures,” according to a June 2021 Gartner blog post. The new remediation and blocking capabilities from Uptycs empower security teams to take immediate action when observing threats or urgent risks.

The new blocking and remediation features in the Uptycs cloud-native security analytics platform include blocking for processes (path, file SHA256 hash, certificate SHA hash) and network domains. Real-time remediation capabilities include deleting files; shutting down, rebooting, or quarantining a host; killing or pausing a process; disabling users; and more. Moreover, these remediation capabilities are available through the Uptycs API, enabling security organizations to orchestrate automated response workflows.

Recommended ITech News:  Thales Named a Leader in Advanced Authentication for Identity Security by the IDC MarketScape

The addition of Uptycs Protect make it possible for security organizations to solve several key challenges that traditional EDR tools do not address effectively:

  • Security and Compliance teams can rapidly contain and remediate issues during an active threat, without the delay imposed by internal coordination with IT Ops teams (e.g., block a malicious process from propagating).
  • Incident responders can remediate unwanted activity from an easy-to-understand and easy-to-use UI that provides context into what requires remediation.
  • Compliance teams can immediately remediate compliance issues themselves without requiring IT Ops teams to make changes, such as implementing Windows registry fixes.
  • Endpoint security teams can minimize risks inherent to automated blocking by back-testing blocking rules against historical telemetry or by using a log-only mode for a period of time to validate the potential impact.
  • CISOs and other executives can consolidate their tools for productivity endpoints, server endpoints, and container-based workloads with Uptycs, which provides robust support for all workloads on-premises and in the cloud.

“Blocking and remediation is a critical functionality, but needs to be done carefully,” says Ganesh Pai, co-Founder and CEO at Uptycs. “We’ve taken care to do this the right way—for example, giving users the ability to rigorously test blocking rules and understand the context of remediation actions. The result is that endpoint security teams can implement automated blocking with confidence, and incident responders are empowered to make well-informed remediation decisions on the spot.”

Recommended ITech News: Samsung Introduces the Industry’s First 5nm Processor Powering the Next Generation of Wearables

Related posts

Intec Expands Reseller Agreement With HCL Software To Include HCL Volt MX

CIO Influence News Desk

CDNetworks Releases State of the Web Security for 2020: Web Application Attacks Surged 740%

CIO Influence News Desk

US DoD Accredits Oracle Cloud Infrastructure (OCI) For Top Secret Missions

CIO Influence News Desk

Leave a Comment