REMEDIANT IS NOW PART OF NETWRIX  READ PRESS RELEASE

Blog
Get a Demo
  • There are no suggestions because the search field is empty.
Contact Us
Get a Demo

Customer Stories

    Use Cases

     

    Watch this video to learn about Zero Standing Privilege (2:08)
    Blog
    Get a Demo
    • There are no suggestions because the search field is empty.
    Contact Us
    Get a Demo

    Customer Stories

    Use Cases

     

    Watch this video to learn about Zero Standing Privilege (2:08)
    Menu
    Contact Us
    Blog
    Get a Demo
    • There are no suggestions because the search field is empty.
    download-lp

    SentinelOne + Remediant

    SecureONE Integrations

    Zero Trust Privilege Security + XDR

    Today's cyberattacks utilize privilege escalation and lateral movement as a core technique. Privilege credentials provide elevated access and therefore are highly sought by attackers: often by stealing them through reconnaissance or using helper malware to simply scrape in-memory hashes left behind from an admin session. Remediant SecureONE with its agentless Zero Standing Privilege and Just In Time Administration squarely address these security challenges and stops lateral movement from such attacks.

    SentinelOne XDR provides broad protection from the endpoint with unfettered visibility, proven protection, and unparalleled response. The ability to provide rapid, granular insights into process, file, network and other OS level activities, analyze them in real-time and then protect organizations from intended or ongoing cyberattacks is the forte of the SentinelOne XDR platform. 

    We have stitched together Remediant SecureONE's Privilege Security with SentinelOne's XDR to help our customers gain comprehensive, actionable insights into privilege session activities, known as Intelligent Session Capture (ISC). Additional details of our partnership can be viewed on the SentinelOne site.
    SentinelOne_product
    SecureONE

    The Challenge

    Traditional PAM vendor (CyberArk, ThycoticCentrify and BeyondTrust) session monitoring and recordings are:

    •  Only available as large media files, that are difficult to search and not amenable to
      data analysis
    • A burden on auditors, compliance officers, and security admins to review and analyze video screen recordings for suspicious activity
    • Lacking comprehensive visibility into all threat activity (privileged and non-privileged users) on endpoints: for example, a background download is not recorded
    • Available at an additional cost of infrastructure (storage)
    • Complex to deploy, use and manage with security blind spots

    The Solution

    Remediant’s Intelligent Session Capture (ISC) leverages your existing investment in SentinelOne XDR to:
    1

    Provide context to what time a privileged session started and ended. This correlated with SentinelOne's continuous detection helps better identify, confirm and respond to a nefarious incident in near-real time

    2

    Give you better, more actionable session monitoring and automatic intervention of endpoint threat activity

    3

    Track everything that happened before, during and after the privileged session to fully understand the attack. This includes network connection, downloaded files, processes and other activities

    secureone console sentinelone

    Figure 1. Remediant SecureONE Console

    Intelligent Session Capture with SentinelOne
    sentinelone-graphic
    Download ISC Solution Brief

    This video demonstrates Remediant's Intelligent Session Capture capability through its integration with SentinelOne XDR platform.  With this integration, you can pivot from the SecureONE console through an embedded “Investigate” link to the XDR console to proactively explore for any suspicious threat activity during the JIT privileged session at the endpoints and mitigate it through a combination of Remediant and the SentinelOne solution and all elements fit together perfectly for a great aesthetic sense and feeling.

    Use Case

    The combined solution helps Incident Response teams quickly determine root cause and stop lateral movement attacks at endpoints.

    For example:

    • A user signed into a Windows endpoint browses a website and accidentally downloads malware
    • The IR team detects this event from SentinelOne
    • To investigate, the IR team leverages Remediant’s Intelligent Session Capture (ISC) to identify that during a privileged session (JIT) the malware activates on the Windows endpoint to send sensitive information to a C&C site (provides context during the privileged session)
    • ISC helps the IR team pivot to the SentinelOne console from Remediant to view all other systems the user has admin rights to during this JIT session and also easily search and find all other systems the malware has moved laterally to infect.
    • At this stage, the IR team may either isolate or quarantine the malware infected endpoints from SentinelOne
    • The IR team can realize the Principle of Least Privilege by implementing JIT and enabling ZSP on all the malware infected endpoints to eliminate lateral movement

    Benefits of the Remediant ISC + SentinelOne XDR
    1

    Obtain contextual data into privileged account activity while eliminating the need for additional infrastructure for recording and PAM agents

    2

    Correlate privileged account activity by accessing the recordings of all endpoint activity from SentinelOne platform to expedite incident response and remediation in real time 

    3

    SentinelOne data recordings are easy to access, search and analyze for auditing, forensics and compliance purposes

    4

    Prevent lateral movement attacks by removing excess standing privilege and replacing with JIT access

    Get a demonstration of Remediant SecureONE today!
    Remediant reinvents privileged access management with SecureONE, the first solution that brings Zero Standing Privilege (ZSP) to the enterprise to prevent lateral movement and shrink the attack surface caused by the invisible sprawl of administrative accounts.
    Schedule Your Demo Now