Fidelis Cybersecurity Strengthens Ransomware Capabilities

BETHESDA, Md.–(COMMERCIAL WIRE)–Fidelis Cybersecurity today announced that Fidelis Endpoint®, a favorite solution of forensic and incident response professionals worldwide, successfully detected Data Encrypted for Impact (T1486), which is indicative of ransomware attacks, during the MITRE Engenuity ATT&CK® Evaluation, round 4 of 2021. In this MITRE evaluation, the Fidelis Cybersecurity Endpoint Detection and Response (EDR) platform successfully detected overwhelming evidence of malicious activity before the final phase of data encryption, allowing the platform to disrupt attacks before attackers could impact target systems. The results show that Fidelis Endpoint’s rules and detections have become even more accurate since previous tests. Fidelis Cybersecurity also announced new and improved features, including advanced memory scanning, which will improve customers’ ability to quickly find and neutralize ransomware and other malware.

Fidelis Endpoint is available as a stand-alone offering or as part of Fidelis Elevate®, an extended active detection and response (XDR) platform. Fidelis Elevate provides advanced threat detection, deception, deep session inspection, and data loss prevention to help security teams find and stop threats faster. The Fidelis Elevate platform combines EDR with network detection and response (NDR) and deception capabilities to more comprehensively detect attacks compared to endpoint-only ATT&CK evaluation. Fidelis Elevate would have achieved near total visibility and detection in similar tests, depending on the robustness of the platform.

MITRE ATT&CK Results

Independent MITRE ATT&CK evaluations assess the ability of EDR solutions to detect real-world cyber threats known to affect businesses and governments around the world. Through the lens of the ATT&CK Knowledge Base, the assessments focused on two threat actors, Wizard Spider and Sandworm. Wizard Spider is a financially motivated criminal group that has been running ransomware campaigns since August 2018 against a variety of organizations, from large corporations to hospitals. Sandworm is a destructive Russian threat group that is known for carrying out notable attacks, such as the attacks targeting Ukrainian power companies in 2015 and 2016 and the NotPetya attacks of 2017. These two threat actors were chosen based on their complexity, relevance to the market and how well the MITRE Engenuity staff can adequately emulate the adversary. For full results and more information about the assessments, visit: https://attackevals.mitre-engenuity.org/enterprise/wizard-spider-and-sandworm/

“MITRE ATT&CK assessments provide insight into the ability of EDR solutions to detect attack tactics and techniques, enabling enterprises to understand their risk and ability to detect advanced attacks,” said Jerry Mancini, COO and VP of Products, Fidelis Cybersecurity. “Fidelis Endpoint results demonstrate robust detection, forensics, and investigation with the version 9.4 solution used during evaluation. Substantial product enhancements in version 9.5, including the integration of Intel TDT, further strengthen our ability to automatically respond and remediate threats and enhance our ransomware capabilities.”

Fidelis Endpoint v9.5

Fidelis Endpoint is a powerful and proactive endpoint detection and response (EDR) platform that provides deep visibility into endpoint activity both on and off-premises and within cloud environments to accelerate investigations. Actionable control and automation help security teams quickly identify and eradicate threats to an organization.

Fidelis Endpoint v9.4 was used for the MITRE Round 4 test. The new version v9.5 extends the ability to detect and respond to ransomware attacks.

With Fidelis Endpoint v9.5, Fidelis Cybersecurity adds:

  • Intel® Threat Detection Technology (Intel® TDT) Accelerated Memory Scan (AMS) integration

    • to help detect ever-evolving and escalating cyber threats lurking in memory

    • to offload memory scanning to the integrated Intel GPU to minimize CPU performance impacts

  • Agent Platform Coverage

    • Support for Windows 11 and macOS 12, and support for the Apple M1 architecture

  • Service monitoring and compatibility

    • Enhanced system monitoring to provide detailed real-time system health status.

“By integrating Intel’s threat detection technology, Accelerated Memory Scan (AMS) into Fidelis Endpoint, enterprise customers with Intel vPro® platforms can perform more frequent memory scans with higher performance, a great benefit for our mutual customers to continue to help stay ahead of bad actors,” said Carla Rodriguez, Senior Director, Ecosystem Partner Enablement, Intel Corporation.

About Intel Accelerated Memory Scan (AMS)

Intel is the only provider of hardware-based security capabilities that enhance the industry’s security software to deliver highly effective threat detection using Intel Threat Detection Technology (Intel® TDT). To help combat high CPU usage, Intel TDT Accelerated Memory Scanning (AMS) offloads memory scanning to the integrated Intel GPU to reduce performance impact and power consumption. This offload enables Fidelis Endpoint to scan more frequently, while minimizing the impact on the user experience, improving overall system security, and helping to uncover hard-to-detect fileless attacks on the memory layer. Systems with 6th generation Intel® Core™ processors and higher can take advantage of Fidelis Endpoint’s hardware-enabled AMS capability. (Intel Freeview is only available on Intel® Core™ Platforms, Intel vPro® Essentials and Intel vPro® Business.)

About MITRE Engenuity

MITRE Engenuity, a subsidiary of MITRE, is a technology foundation for the public good. MITRE’s mission-driven teams are dedicated to solving problems for a safer world. Through our public-private partnerships and federally funded research and development centers, we work across government and in partnership with industry to address challenges to our nation’s security, stability, and well-being.

MITRE Engenuity brings MITRE’s deep technical knowledge and systems thinking to the private sector to solve complex challenges that government alone cannot solve. MITRE Engenuity catalyzes the collective R&D strength of the US federal government, academia, and the broader private sector to address national and global challenges, such as protecting critical infrastructure, creating a resilient semiconductor ecosystem, building a genomics center for the public good, accelerating use case innovation in 5G, and democratizing threat-based cyber defense.

About Fidelis Cybersecurity

Fidelis Cybersecurity, the industry innovator in Active XDR and proactive cyber defense solutions, protects modern IT environments with unmatched detection, deception, response, cloud security and compliance capabilities. We offer complete visibility into hybrid environments through deep and dynamic asset discovery, multifaceted context, and risk assessment. These features help minimize attackable surface areas, automate exposure prevention, threat detection, and incident response, and provide the context, accuracy, speed, and portability security professionals need to find and neutralize adversaries earlier in the attack lifecycle. Fidelis Cybersecurity is dedicated to helping customers become stronger and more secure. Fidelis is trusted by many of the world’s leading commercial, corporate and government agencies. For more information please visit fidelissecurity.com.

Fidelis Cybersecurity is a portfolio company of Capital Skyview.
