SentinelOne releases Singularity RemoteOps Forensics to improve incident response for companies
Help Net Security – Christian Vasquez
An advisory committee to the Cybersecurity and Infrastructure Security Agency delivered a long list of recommendations on Wednesday that encourage the agency to take measures to increase the cybersecurity expertise on corporate boards of directors, develop a national cybersecurity alert mechanism and better protect high-risk communities from surveillance.
Wednesday’s report includes recommendations from six subcommittees that cover corporate cyber responsibility, cyber hygiene, the creation of a national cybersecurity alert system, reducing systemic risk to critical infrastructure, protecting high-risk communities and the cybersecurity workforce.
The subcommittee on corporate cyber responsibility recommended that corporate board members be educated and trained on cybersecurity issues, especially with new rules from the Securities and Exchange Commission coming into effect requiring publicly traded companies to report significant breaches of their computer systems and data. The subcommittee also encouraged CISA to explore performance goals to measure what would amount to a “cyber responsible” board.
Another recommendation calls for a national cybersecurity alert system to be administered by CISA. While information already flows through multiple avenues, such as advisories, bulletins and so on, “they’re not authoritative; they’re not coherent,” Inglis said.
Seamlessly integrated with the SentinelOne Singularity Platform and offered as an add-on to SentinelOne’s Endpoint and Cloud Workload Security solutions, RemoteOps Forensics is a flexible digital forensics and incident response solution that security teams can use to:
- Optimize resources and accelerate Mean Time to Resolution.
- Perform ad-hoc or conditional trigger-based evidence collection, enabling targeted investigations on one or multiple assets including endpoints and server workloads.
- Automate the collection of evidence, such as processes, ports, service listings, MFT, Amcache, JumpLists, and memory dumps, and orchestrate them in less than a minute.
- Consolidate evidence into one data pool through the Singularity Security DataLake, correlating SentinelOne and partner data with forensics data in the same search to create a comprehensive picture of an attack, quickly identify the root cause and take measures to mitigate risk.
- Analyze collected evidence alongside Endpoint Detection and Response (EDR) data in one console to proactively defend against future threats.
- Correlate and analyze integrated data to uncover hidden indicators of compromise, identify advanced attack patterns, and understand the tactics, techniques, and procedures employed by threat actors.
Link: https://www.helpnetsecurity.com/2023/09/13/sentinelone-singularity-remoteops-forensics/