Most of the internet is powered by Linux servers, so it's not surprising that they’re increasingly a target for attack. In particular recent attacks have focussed on using compromised systems to distribute malware to other systems.
Many Linux systems rely on traditional signature-based threat detection which leaves them vulnerable to zero-day attacks. Endpoint security company SentinelOne is announcing a new solution aimed at protecting enterprise data centers and cloud providers from emerging threats that target Linux servers.
"As we have seen, Linux endpoints, whether they are servers or other devices, are not immune to malware and other forms of attack," says Tomer Weingarten, CEO of SentinelOne. "To address this new threat plane, SentinelOne EPP now provides the same exceptional level of integrated threat detection, prevention and remediation for Linux machines as it does for Windows and OS X devices".
SentinelOne uses a lightweight autonomous agent to monitor all activity in both kernel and user space (including files, processes, memory, registry and network) on the protected device. Each agent leverages the SentinelOne Dynamic Behavior Tracking (DBT) Engine which uses sophisticated machine learning to predict threats across any vector against the background of normal application behavior. Once malicious activity is detected SentinelOne immediately employs a series of automated mitigation and quarantine processes to eliminate the threat in real-time. SentinelOne also maintains a detailed audit trail of activity for forensic analysis and reporting which is delivered to the management console in real-time.
The SentinelOne EPP platform with support for Linux is available now, you can find more information on the company's website.
Image Credit: rosedesigns / Shutterstock