SentinelOne adds feature to restore files hit by ransomware
SentinelOne has added a feature to its endpoint detection products that can restore files encrypted by cybercriminals, a common type of attack known as ransomware.
The “rollback” feature will be available in the 1.6 versions of its Endpoint Protection Platform (EPP) and the Endpoint Detection and Response (EDR) products at no charge, said Dal Gemmell, director of product management.
SentinelOne is among several vendors that are trying to displace traditional antivirus vendors with products that detect malware using deep analysis rather than signature-based detection.
The company’s products use a lightweight agent on endpoints such as laptops and desktops, which looks at the core of the operating system — the kernel — as well the the user space, trying to spot changes that might be linked to malware.