than most and can sometimes detect when
PDOZDUH�LV�DWWDFNLQJ�WKH�%,26�RU�¿UPZDUH�
on a machine.
Chris Bates,Global Director of Product
Architecture at SentinelOne, said the product’s
agents operate autonomously and can combine
information with other endpoints when needed.
“Every SentinelOne agent is building context,”
Bates said, and the context and the events that
happen while the context is being built create
stories that can be used to detect the operations
of malware.
According to Bates, each endpoint can take
remediation on its own by eliminating the
malware or placing it into quarantine. But Bates
also said that his EDR package can’t catch
everything, especially when it happens outside of
the OS. A USB thumb drive that rewrites the
BIOS before the computer boots is one example.
NEXT LEVEL OF PREPARING
This is where the next level of preparation comes
in, Knight explained. She pointed to a joint
project between Intel and Lockheed Martin that
created a hardened security solution running on
standard 2nd Generation Intel Xeon Scalable
processors called the “Intel Select Solution for
Hardened Security with Lockheed Martin.” This
new solution is designed to prevent malware
infections by isolating critical resources and
protecting those resources.
Meanwhile, Intel has also announced another
series of hardware preventive measures called
“Hardware Shield,” which locks down the BIOS.
W
a
y
n
e
R
a
s
h
Knight said this
new type of
malware is
being developed
so that it can
evade detection
by legacy
software.
