Device Protection is a key feature in BlackfishID, designed to ensure the security of Windows and macOS devices against cyber threats. By installing the BlackfishID software, users gain access to a comprehensive protection system that leverages our partnership with SentinelOne to provide advanced security. This approach ensures a seamless experience while utilizing SentinelOne's cutting-edge technology for threat detection, response, and remediation.
How does it work?
The BlackfishID installer equips devices with an advanced security layer that operates in the background, enabling:
Real-time detection and elimination of threats.
Containment of compromised devices to prevent threat propagation.
Automated responses to security incidents, reducing risks and response times.
All these features are managed from the centralized BlackfishID platform, where users can monitor and control the security status of their devices at all times.
Automated actions available in BlackfishID:
Here are some of the actions you can perform to manage your device security:
Terminate Threat: Instantly stops any active malicious process to prevent further damage.
Isolate File: Moves infected files to quarantine, isolating them from the operating system.
Apply Remediation: Restores the system to a safe state through automated processes.
Undo Remediation: Reverts any changes made during the remediation process if necessary.
Release File: Removes a file from quarantine if deemed safe after thorough analysis.
Network Isolation: Disconnects the infected device from the network to prevent threat spread.
Initiate Scan: Performs full or specific scans on devices to detect hidden threats.
Restart Device: Restarts the system to apply security changes or updates.
Fetch Logs: Retrieves detailed security logs from the device for advanced analysis.
Update Software: Ensures devices are running the latest version of the security agent.
Broadcast Messages: Sends instructions directly to the device via the console.
Benefits of Device Protection:
Advanced security: Proactively identifies and responds to malware, ransomware, and advanced threats.
Automation: Reduces response times with predefined, automated actions.
Centralized management: Monitor and protect all devices from a single platform.
Continuous protection: Ensures ongoing protection with regular scans and updates.
Relation to other security controls:
Device Protection is directly linked to the Secure Browsing and Vulnerability Scan controls, creating a comprehensive solution to protect users and enterprise infrastructure from digital threats.