AUTONOMOUS ENDPOINT PROTECTION THAT SAVES YOU TIME

The SentinelOne Endpoint Protection Platform unifies prevention, detection and response to cyber attacks into a single agent powered by machine learning and automation. It provides prevention and detection of attacks across all major vectors, rapid elimination of threats with fully automated, policy-driven response capabilities and complete visibility into the endpoint environment with full-context, real-time forensics.

The traditional concept of antivirus software which arose with the first antivirus products released in 1987 entered obsolescence sometime earlier this past decade. Cybersecurity experts first began noticing the decline around 2012 when the volume of new malware samples began to outstrip the ability of antivirus vendors to write new signatures. Both the volume and sophistication of malware has continued to increase exponentially.

By 2014, an executive at a prominent endpoint protection firm famously declared that antivirus was “dead.” (italicize) At the time, his contemporaries scoffed at the remark. After all, signature-based antivirus products are still on the market, but a look at the trend in malware as late as 2016 show that things have gotten dramatically worse.

By early 2017, nearly 600,000,000 unique malware strains had been registered and increase of 300,000,000 since 2014, the year antivirus was proclaimed as “dead.” This increase in malware has outstripped the industry’s ability to write individual antivirus signatures. What’s more, nation-state hackers and malware authors have spun off their own unique solutions to get around endpoint protection. The volume and sophistication of malware has decisively smothered traditional endpoint protection methods. In response, new methodologies such as Endpoint Protection and Response (EDR), Next-Gen Antivirus (NGAV) and Next-Gen Endpoint Protection (NGEP).

BEHAVIOR, NOT IDENTITY

So What Can Be Done to Mitigate the Ever Changing Cyber Attack Landscape?

The key is to prevent any malware prior to execution and to deal with the behavior of processes executing on the endpoint. This is effective because, despite the large and increasing number of malware variants, they operate in very similar ways. The number of malware behaviors is considerably smaller than the number of ways a malicious file might look, making this a much more suitable approach for prevention and detection.

An effective solution needs to cover malware of every variety and description. To be threat agnostic, with multiple layers of prevention and detection, backed with the ability to rollback and to provide visibility into any activity on the agent – and to do it between Windows, MacOS, and Linux operating systems.

Prevention

Static Artificial Intelligence (AI) on the endpoint prevents cyber attacks inline in real time. Consistently ranked for highest efficacy and lowest false-positives, SentinelOne replaces legacy antivirus.

Detection

Patented behavioral Artificial Intelligence (AI) recognizes malicious actions regardless of vector. SentinelOne is the only endpoint security vendor to detect fileless, zero-day and nation-state attacks in real time.

Response

SentinelOne’s patented behavioral Artificial Intelligence (AI) fuels ActiveEDR, surgically reversing and removing any malicious activity. Now, every device heals itself in realtime. You’ll never have to reimage a computer or server again.

Threat Hunting

Patented behavioral Artificial Intelligence (AI) recognizes malicious actions regardless of vector. SentinelOne is the only endpoint security vendor to detect fileless, zero-day and nation-state attacks in real time.

SentinelOne – How it Works

An effective, streamlined security solution offered by SentinelOne combines the tenets of defense-in-depth in a single product, incorporating mechanisms that deal with malware before it executes, while it’s executing and after it has executed. It also lowers costs and improves efficiency, allowing your business to flourish without interruption.

Pre-Execution

SentinelOne’s single agent technology uses a static Artificial Intelligence (AI) engine to provide pre-execution protection. The static Artificial Intelligence (AI) engine replaces traditional antivirus signatures and eliminates the need for recurring antivirus scans that kill end user productivity.

SentinelOne - Preexecution

On-Execution

SentinelOne’s Behavioral Artificial Intelligence (AI) engines track all processes and their inter-relationships regardless of how long they are active. When malicious activities are detected, the SentinalOne agent responds automatically at machine speed. Their Behavioral Artificial Intelligence (AI) is vector-agnostic. It doesn’t care whether the threat is file-based malware, scripts, weaponized documents, lateral movement, file-less malware or even zero-day malware.

SentinelOne-OnExecution

Post-Execution

SentinelOne’s Automated Endpoint Detection and Response [EDR] provides rich forensic data and can mitigate threats automatically, perform network isolation and automatically immunize endpoints against newly discovered cyber threats. As a final safety measure, SentinelOne can even rollback an endpoint to its pre-infected state.

SentinelOne-PostExecution

No one can predict what will happen next, and the only thing known with certainty is that cyber threats will continue to develop as the economics of cyber attacks are in favor of the attackers. This was vividly demonstrated in March 2018, when cyber criminals demanded $52,000 after a crippling ransomware attack on Atlanta City. The city did the right thing, refusing to pay the ransom, but at a cost to taxpayers estimated at over $2.5 million. Few businesses can afford to take that kind of loss, as the criminals well know.

It is not only new and emerging threats that we must be on guard for, but also creative uses of known ways to bypass traditional defenses such as using IOT and other devices connected to the network to gain access and to run malicious code. In short, threat actors will continue improving their techniques and their ability to evade traditional cyber security defenses.

On top of this, with businesses and users transitioning to the cloud to improve connectivity and ensure maximum productivity, the modern network is built on principles which shifts access control away from vulnerable firewalls onto endpoint devices. This, however, also allows opportunities to utilize endpoint vulnerabilities in order to gain access.

This means businesses and organizations need to be proactive and not just wait for the next security breach to happen. It also means investing in a security layer that exists at the last mile. Such protection should include the following:

    • Support all your existing Operating Systems including Windows, MacOS, and Linux, cloud and VDI because modern cyber attacks are always looking at your weakest link.

      • Include several types of technologies which can detect in parallel, to achieve separate security layers.

        • Not rely on a person to run it effectively, including preventing threats.

          • Integrate with other security solutions on your network.

            • Allow visibility to all your assets, because a single view of a device is always weaker than a historical view across your network.

              • Backup your assets, and test that it’s working.

Single Sign-On (SSO) for All Apps

Secure, frictionless access to any resource, including web and on-premises applications, from anywhere. The average employee uses dozens of applications. Provide them with convenient but secure access to all their web and on-premises apps with a single set of credentials.

One Dashboard, Unlimited Apps

Set up users to access all their business-critical web apps from their JumpCloud User Portal. SSO from JumpCloud also includes apps that authenticate with LDAP, from IT services (e.g., Jenkins, OpenVPN, or Airwatch) to ticketing and control systems (e.g., Atlassian Jira) to on-prem attached storage systems (e.g., Synology or QNAP).

Simple and Scalable User Management

Create groups based on employee department or job role, then associate those groups to applications to restrict access and provide appropriate authorizations and permissions. Save time onboarding by adding a new user to a group and automatically granting them access to associated apps. From a single console, manage access, user attributes, account provisioning, and deactivation with a growing list of SAML and SCIM connectors.

One Identity for All Resources

Extend user identities beyond applications. Give users a single, secure set of credentials to access virtually all their IT resources, including macOS, Windows, and Linux devices, cloud infrastructure, files, and networks. This simplifies the login process for users and eliminates identity sprawl in your environment.

Layer MFA Everywhere

Easily enforce biometric and TOTP MFA to safeguard user access to applications, devices, networks, and more. JumpCloud gives organizations the power to layer MFA on top of nearly any resource they need to secure – Windows, Mac, Linux, applications, networks, infrastructure and more. Paired with Conditional Access policies, administrators can help further secure resources by requiring MFA if users are not on trusted devices or trusted networks.

Easy Implementation

As an admin, all you need to do to enforce MFA is activate it for your organization through the JumpCloud Admin Portal. Regardless of where you or your users are working, MFA will be activated and enabled to secure access.

WebAuth MFA

Require U2F keys or device-based biometric authentication for access to the User Portal, ensuring the most secure end user experience. End users can self-serve their key activation — all you need to do is activate WebAuthn in JumpCloud and dropship them their keys.

Duo Push

For ease of use for your users, pair JumpCloud with MFA from Duo Security. Doing so enables push notification-based authentication at the User Portal, letting end users simply push a button on their mobile device when prompted to confirm their identity.

Unify Device Management

Securely manage Windows, Mac, and Linux devices at your organization from a single cloud platform. Your IT environment shouldn’t be limited by vendors, policies or protocols. JumpCloud’s directory platform lets you manage every end user computer and workstation, anywhere they are, from a single console.

Meet the JumpCloud Agent

The JumpCloud agent is powerful for IT administrators but invisible to end users on managed devices. It unlocks capabilities for managed users and resources to give employees an easy, secure way to manage their identity and access their work resources on a secure device.

JumpCloud Agent Diagram

Enforce Policies

Leverage JumpCloud’s policies for Mac, Windows and Linux to implement security and configuration settings across your devices. Choose from a selection of point-and-click templates to manage screensaver settings, disable USB storage, enforce full-disk encryption and more.

extend identities through intergration

Device Centric Security

JumpCloud managed devices are trusted gateways to corporate resources. Employees have secure access to resources on their work devices using their single set of credentials to get to everything they need. Take advantage of JumpCloud Mobile Device Management (MDM) to configure and secure Mac laptops and workstations with Mac policies.

secure identities

Enforce Policies

Leverage JumpCloud’s policies for Mac, Windows and Linux to implement security and configuration settings across your devices. Choose from a selection of point-and-click templates to manage screensaver settings, disable USB storage, enforce full-disk encryption and more.

extend identities through intergration
jumcloud ebook graphic2

Download the Simplify Zero Trust Security from the Cloud eBook

Automate Server Management From the Cloud

Simplify how you manage your servers with JumpCloud. Streamline the way you manage and provision access to your organization’s servers, from cloud RADIUS and LDAP servers to virtual servers. JumpCloud’s support for server infrastructure covers a wide array of Windows distributions and native support for LTS Amazon Linux, RHEL, CentOS, Debian and Ubuntu.

Commands

Create and execute scripts to manage your servers in the language of your choice and run commands on a scheduled or ad hoc basis.

Policies

Use point-and-click policies to set up security and configuration standards across your organization’s servers, individually or in groups.

Containers

Use Cloud LDAP to manage the access layer of container orchestration tools like Kubernetes and Docker.

Active Directory Integration

Pair JumpCloud with existing Active Directory domains to federate on-premise credentials to cloud infrastructure.

The Power of JumpCloud LDAP in the Cloud

Cloud-hosted LDAP provides you with all of the abilities of the LDAP protocol with none of the usual setup, maintenance, or failover requirements of traditional LDAP implementations. Since our cloud LDAP servers are already stood up and ready to use, all you need to do is point your LDAP-connected endpoints to JumpCloud and you’re on your way.

Complete Control

Manage LDAP access from your browser through the JumpCloud Admin Portal, as well as through your command line or JumpCloud’s RESTful APIs. With group-based access controls, you can streamline LDAP management to best suit your needs.

Hyper Secure

JumpCloud’s OpenLDAP RFC 2307 compliant cloud LDAP offering is encrypted by LDAPS & Start TLS, ensuring your LDAP authentication remains as secure as possible. What’s more, you can require multi-factor authentication upon entry to LDAP resources to keep your data locked down.

AuthN to Apps & Services

JumpCloud provides authentication for any application or service that can defer authentication via LDAP. Integrate with apps such as Atlassian Jira and Confluence or with DevOps infrastructure such as Jenkins, Ansible, Kubernetes, Docker, OpenVPN and thousands of others.

NAS Authentication with LDAP & Samba Attributes

LDAP-as-a-Service includes secure support for authentication and group-based authorization on Samba file servers or commercial NAS appliances such as Synology, QNAP, Morro Data and more.

No-Setup Network Control with Cloud RADIUS

Deploy cloud RADIUS servers to provision and deprovision user access to VPN and Wi-Fi networks from your browser and secure with MFA. Get the strength and security of the RADIUS protocol without building, maintaining, or monitoring physical servers. Quickly roll out managed RADIUS to your organization to authenticate users to Wi-Fi, VPNs, switches, and network devices securely.

Save Time and Money

Leave the heavy lifting to JumpCloud, eliminate the costs associated with maintaining physical RADIUS servers and use managed RADIUS as part of your core directory platform.

Ensure Network Security

JumpCloud automatically generates complex passwords (shared secrets) for authentication between your WAPs and JumpCloud’s RADIUS servers. This maintains a secure connection between infrastructure endpoints while users log in with their individual credentials. An additional method, certificate trust, verifies that your client desktops, laptops and mobile devices are talking to the correct RADIUS server.

Control User Access

Each RADIUS server you add to JumpCloud can be connected to user groups to provision network access at scale and to restrict specific networks or VPNs to specific groups of users. Further segmentation is possible through dynamic VLAN tagging.

Easy, Yet Secure Access

Eliminate shared credentials for Wi-Fi but ensure continued easy access for users via their core identities. Users don’t need to keep passwords on sticky notes or whiteboards because they have just one secure and unique password to remember. Plus, with those same core identities, grant users access to VPNs for use when they work on unsecured networks.