enSilo Endpoint Security Platform 3.1
The SaaS enSilo Endpoint Security Platform can be deployed in the cloud or on-premises and supports multi-tenancy. It comprehensively secures endpoints in real time before and after infection without prompting alert fatigue, excessive dwell time or breach anxiety.
Communication control offers visibility into applications communicating with the system and can be placed into an Excel or PDF report. Organizations can create custom policies, even based on groups. Furthermore, patch remediation functionality is included. enSilo offers the ability to leverage both virtual patching and patch management integration capabilities.
A next-gen AV contained in pre-execution rulesets follows typical, as well as PCI, compliance. The algorithms in the probabilistic output attempt to guess if a file is malicious alongside real-time protection leveraging both exfiltration and ransomware prevention.
The execution graph was helpful, providing a visual representation of what occurred. It shows unmapped executables that attempted to communicate, as well as where they were blocked. Exfiltration prevention uses containment and correlation to offer real-time protection when things get passed to the AV. It looks at the processes attempting to communicate and the consequences, then blocks them in real time based on deterministic goals and rules set forth with code traces in the memory of processes deemed clinically infected.
The collector installers were straightforward, but we found the server to be confusing. We had trouble getting all VMs to report back to the cloud server. Additionally, we were unable to get the Ubuntu machine installed and reporting correctly.
We were able to get the CentOS machine online and connected, but when we went back and checked on it, it was in a disconnected state. The reasons for this were unclear to us, and, we concluded, the Linux offerings need some work.
Apart from those difficulties, we liked the dashboard’s aesthetic. We tested it with our toolsets and threats immediately populated in the dashboard. enSilo allowed the program to run since it was set to log events versus block them. For testing purposes, we left this to see what it would yield. The event viewer quickly produced information that was intuitive and provided valuable insight. We were able to select a file and leverage forensics to further investigate what happened, such as which files it created.
Although our tests did not result in a quarantine, they were prevented from doing anything malicious. We believe enSilo, especially with the addition of playbooks and automated remediation, would be an asset for IT departments with fewer resources or less experienced professionals assisting with triaging incidents. Overall, this is a solid, intuitive product and would be ideal for those working in Windows environments.
Tested by Tom Weil
Product title
enSilo Endpoint Security Platform 3.1
Product info
Vendor: enSilo
Price: $29 per seat on average
Contact: ensilo.com
Strength
Comprehensively secures endpoints in real time before and after infection without prompting alert fatigue, excessive dwell time or breach anxiety.
Weakness
None that we found.
Verdict
Innovative solution for IT departments with limited resources or less experienced professionals assisting with triaging incidents.