
FREQUENTLY ASKED QUESTIONS

What does enSilo offer?

enSilo offers an endpoint security agent that stops malware pre- and post-infection in real-time.

How is enSilo different than other endpoint security vendors?

enSilo is the only endpoint security vendor that automates real-time protection, pre- and post-infection.

What makes enSilo different than traditional AV (antivirus)?

enSilo has developed its own NGAV that uses machine learning to stop known and unknown malware, pre-infection.

What makes enSilo different than traditional EDR (Endpoint Detection and Response)?

enSilo automates EDR alert functions and provides real-time malware blocking capabilities, post-infection.

Why does post-infection protection matter with endpoint security?

Most targeted advanced malware will bypass pre-infection defenses such as AV and NGAV. enSilo uses additional automated defenses to identify and block post-infection malware from causing harm to a business.

How does enSilo automate endpoint security case management?

enSilo eliminates alert funnel fatigue by providing "one alert per one real threat." Security staff still has the ability to dig deep for hunting and forensic purposes on their own time.

Is the enSilo agent all-inclusive of NGAV and automated EDR capabilities?

Yes. Unlike other vendors, enSilo has purpose-built a comprehensive endpoint security agent and does not simply provide functionalities piecemeal.

How are enSilo security agents managed at scale?

enSilo has a cloud management platform that can be hosted by enSilo or installed on-premise.

Can enSilo detect and protect against ransomware?

Yes. enSilo can automate detection of and protection from ransomware, and other known and unknown forms of malware, pre- and post-infection.

How does enSilo provide automated post-infection protection in real-time?

Step 1: enSilo conducts retroactive review in real-time. It starts by seamlessly recording all OS activity.
Step 2: Only when there’s an attempt to take or modify data does enSilo freeze the action and retrieve all recorded activity.
Step 3: enSilo retroactively analyzes the retrieved history. This chain of OS activities provides conclusive evidence of whether you’re dealing with an actual threat.
Step 4: If it is a real threat, enSilo blocks the action in real-time, with absolutely no impact on the user’s machine.
Step 5: By tracing malicious activity back to its origin, enSilo can identify the root cause. If you choose to take action, you can also neutralize it.

What type of forensics does enSilo provide?

When the enSilo security agent blocks an outbound communication request or file modification, a single alert is generated for forensic purposes. Inside the enSilo management platform the security engineer is presented with specific details on process trail, outbound connection, destination IP, and other potential trails across the enterprise endpoints for further analysis and cross-environment remediation.

What platforms does enSilo support?

Windows XP SP2/SP3, 7, 8, 8.1 and 10.x.
Windows Server 2003 R2, 2008, 2008 R2, 2012 and 2012 R2.
Mac OS X Mavericks (10.9), Yosemite (10.10), El Capitan (10.11), Sierra (10.12) and High Sierra (10.13).
Red Hat Enterprise Linux and CentOS 6.8 and 7.x.
VDI Environments: VMware Horizon 6 and Citrix XenDesktop/XenApp 7.

What is the enSilo agent footprint on my machine?

Less than 40 MB of RAM and 20 MB of disk space. CPU usage is practically negligible (less than 1%).

Does enSilo integrate with other security systems?

Yes. enSilo’s management platform offers a REST API for interoperability. In addition, all events can be sent automatically via syslog protocol or via email.