Wednesday, December 2, 2015

EnCase Endpoint Security Version 5.10 now available

Guidance Software has released EnCase® Endpoint Security version 5.10. We have focused this release on reducing the time required by security teams to triage and validate alerts from a rapidly growing number of internal security tools and external threat-intelligence sources.

In Version 5.10, EnCase Endpoint Security focuses on synthesizing workflow for security teams with:

- Support for the Indicator of Compromise (IOC) searching of YARA rules, allowing teams to search for known IOCs and identify threats validated by internal or external industry source

- Integration with Splunk Enterprise to collect and present trusted endpoint telemetry automatically when a security alert is generated, ensuring faster decisions and a dramatic reduction in false positives for security teams

- File reputation checking from Last line, allowing security analysts to validate threat artifacts of suspect files directly within EnCase, accelerating the decision process

- The EnCase Integrated Threat Toolkit (EITT), which adds reach to 15 critical open-source tools and integrates additional functionality for incident responders

- Remediation of the complete threat, including malicious files, derivatives, and persistence mechanisms, preventing re-exposure to the same malware.

“Security teams cannot tolerate inefficiency in their daily activities. We’ve worked to solve this by increasing interoperability between the tools they use most often and by delivering fast access to trusted endpoint data,” said Roger Angarita, director of product management at Guidance Software. “Our customers demand continuous innovation that meets them right where they live and work.”

For more information on pricing, packaging and upgrades, please contact your Channel Account Manager or Guidance Software sales representative.

No comments :

Post a Comment