The LMNTRIX Respond service is a combination of NGAV+EDR and uses a light weight custom agent deployed on all your endpoints to capture detailed state information, prevent exploits, malware, file-less attacks, malware-less attacks, phishing, injection, macro based attacks, ranswomware, credential theft and adversary tradecraft prevention. Additionally, it is used by our Cyber Defense Center to continuously monitor all endpoint activity, conduct adversary hunting, validate breaches, investigate, contain, remediate and detect encrypted attacks. Using a light weight sensor allows our intrusion analysts to delve deep into the inner workings of endpoints and expose anomalous behaviors.
Our techniques include live memory analysis, direct physical disk inspection, network traffic analysis, and endpoint state assessment. Our service doesn’t require signatures or rules. Instead, by leveraging unique endpoint behavioral monitoring and advanced machine learning, we dive deeper into endpoints which allows us to better analyze and identify zero-days and hidden threats that other endpoint security solutions miss entirely.
Armed with this information, our intrusion analysts instantly find similarly infected endpoints and quickly expand their visibility into the full scope of a compromise. Once an intrusion is confirmed, we disrupt malware-driven tactics, techniques and procedures (TTPs), and limit attacker lateral movement by quarantining and blocking the threat.