SentinelOne
November 4, 2022
By Adam Mears
SentinelOne Control delivers multi-layered AI-powered endpoint protection, with Static AI pre-execution protection for known and unknown file-based malware, and Behavioral AI agent-side behavioral monitoring that covers any attack vector, including unknown exploits and bypass attempts of traditional anti-virus.
Today’s security landscape
In the past two decades of tech booms, busts, and bubbles, two things have not changed – hackers are still finding ways to breach the security measures in place, and the endpoint remains the primary target. And now, with cloud and mobile computing, endpoint devices have become the new enterprise security perimeter, so there is even more pressure to lock them down.
Companies are deploying piles of software on the endpoint to secure it – antivirus, anti-malware, desktop firewalls, intrusion detection, vulnerability management, web filtering, anti-spam, and the list goes on. Yet with all of these solutions in place, high-profile companies are still being breached. The recent attacks on large retail and hospitality organizations are prime examples, where hackers successfully used credit-card-stealing malware targeting payment servers to collect customer credit card information.
Why traditional security is not working
There is a fundamental problem with the security that leaves us basically in the same spot: it is looking for something known – a known hash, IP address, vulnerability, or behavior. Ultimately, hackers are able to use enough masking techniques to bypass the security software, leaving the server or laptop once again the victim of an attack. It’s very easy to alter malicious code with downloaded or created tools to bypass security measures. Anyone who has basic coding skills can do it. The diagram shows a few attack masking techniques, which are often used in conjunction with each other to take a known binary and cause it to appear completely new, unknown, and benign on the surface.
Along with masking techniques, hackers are using different vectors or paths to deliver the malicious code and carry out their attacks. Top attack vectors are listed to the right. Attacks can be single-vector or part of a multi-vector, more sophisticated attack.