The Sentry is a service that is designed to detect targeted attacks. When a targeted attack successfully breaches an organization, it is extremely important to be able to detect it is quickly as possible and thus prevent greater damage. The service includes the Sentry software installed on workstations, which finds targeted attacks and more traditional bulk malware.
When the software flags something as suspicious, the suspicious machine code is sent to our experts for manual analysis to find out what the program does. We do not rely solely on automation, like many competing products.
The operation of the Sentry service is based on the Sentry client installed on workstations. The client monitors all programs and modules loaded into memory on the workstation. When an unknown program or module is detected, a binary copy is sent to the Sentry server for analysis. The Sentry client also monitors the use of powershell on the workstation and if needed, running powershell can be disabled completely.
The Sentry is a full service that also includes all the necessary clean-up work that is required after finding a malware infection. Forensic investigation and malware analysis is always performed to ensure that we can find out, for example, what the program has tried to steal. Forensic investigation will also reveal how the malware has entered your network. The customer is always notified of any findings.
The service has been on the market since 2013 and it is continuously being improved with the help of our customers.
The Sentry service detects malicious programs in memory and is unobtrusive and invisible to the end user.
Contact us for more information!