SentinelOne, the autonomous endpoint protection company, and Intel announced the integration of hardware-based Intel Threat Detection Technology (Intel TDT) Accelerated Memory Scanning capabilities with the SentinelOne autonomous endpoint protection console.
Independent benchmark testing from Passmark Software validates that SentinelOne’s approach, using Intel’s silicon to power threat scanning, significantly increases detection rates of memory-based attacks such as crypto miners, while providing a 10x improvement in scanning time with no increase in CPU usage. Intel and SentinelOne will be demonstrating the detection capabilities at the RSA Conference, March 4 – 8, at SentinelOne’s booth (#1527 South) and Intel’s booth (#6173 North).
“This collaboration with Intel is the latest step by SentinelOne to continually improve the detection and autonomous remediation of advanced attacks for our customers. As more and more attacks are being conducted and orchestrated in memory, the need for tighter, faster, and more efficient memory inspection by security software is imminent,” said Tomer Weingarten, CEO, SentinelOne. “The integration of Accelerated Memory Scanning is an important addition to how we power the detection of memory-based attacks, unlocking a whole new class of attack-detection techniques that other security software simply can’t do. This enables customers to detect and stop these attacks in a much more rapid and efficient manner, without impacting user performance.”
Cryptomining attacks increased dramatically in 2018 and emerged as one of the top threats facing organizations. According to reports, cryptomining attacks have become so popular they are estimated potentially to account for almost half a percent of the world’s electricity consumption. Detecting these attacks by looking for patterns in memory requires a tremendous amount of computing power and can dramatically degrade endpoint and server performance.
“Malware, especially cryptominers, continually evolves to avoid detection, often hiding in memory or delivering malicious code directly into the memory of a system,” said Jim Gordon, General Manager, Intel Security Eco-System, Strategy and Development. “Intel Threat Detection Technology seeks to use the power of silicon to help partners like SentinelOne continually improve the detection and remediation of today’s most advanced cyber threats.”
SentinelOne is the only next-gen solution that autonomously defends every endpoint against every type of attack, at every stage in the threat lifecycle. With the integration of Intel’s Accelerated Memory Scanning capabilities, SentinelOne now offloads the processing power needed to scan for cryptomining attacks from the CPU to the Intel integrated graphics processor – dramatically increasing the speed of cryptominer detection without latency or degradation of endpoint performance. This creates a much more efficient manner to capture memory-based cyberattacks at the OS level.
SentinelOne and Intel will be demonstrating the advanced detection capabilities at the RSA Conference, March 4 – 8, in San Francisco, CA at Intel’s booth (#6176) North and SentinelOne’s booth (#1527 South).