
Competitive Intelligence: Q1 2020 Update

Expires Apr. 1st, 2020. This version replaces all previous versions.

Recent News

February 2020 - Cortex XDR Managed Threat Hunting Service announced. Managed Threat Hunting is fully backed by Unit 42. Customers will see improved analytics and more robust "proactive" response/actions.

February 2020 - Updates to Cortex XDR. XDR updates include improved visibility/reporting and expanded API integrations (including Demisto).

January 2020 - PAN Prisma Cloud achieves 'In Process' FedRAMP designation.

PAN Cortex Details / History

Cortex is a move against the domination of Splunk in regards to big data analysis done in the cloud. This fits into PANW's plan to be the platform of security, together with their recent SOAR acquisition of Demisto.

Cortex 2.0 was announced in November 2019. Cortex 2.0 centers around providing updated/new "toolsets" to improve visibility, usability, and endpoint protection features. 3rd party data ingestion is broadened as well. Prior to this launch, management of Traps and Cortex XDR was achieved via separate consoles. This has been unified in the Cortex 2.0 release.

Focus to Win . . .

Detection: There is still heavy cloud reliance across the Cortex suite of technology. Endpoint protections are still reliant (first) on Wildfire and cloud/reputation lookups. To date, behavioral detection is touted as a "Behavioral AI" approach, but it is still primarily based on set rules and known behaviors dictated by "BIOCs" (Behavioral Indicators of Compromise). Endpoint protection for kernel-based exploits is still non-existent.

Protection: Full context of attacks is not uniformly identified or alerted on. There is a heavy reliance on granular child-process detection. Often they may identify a component of an attack as a 'child process' without identifying the malicious parent process responsible.

Response: Cortex has no native, automated remediation or response. All necessary tasks are manual, or need to be "defined" manually via 3rd party integration.

Forensics / EDR: There is limited contextual visibility for events tied to a single malware campaign, i.e. putting all the "events" together for a single "attack". Cortex relies heavily on Wildfire analysis and Windows event logs to piece together their version of a "storyline".

Gartner Caveats: Palo Alto

Palo Alto has grown its presence in the EPP and EDR market primarily through acquisition of component parts it has integrated together. Traps is missing common enterprise EPP features, such as rogue device discovery, application control, USB device controls, resource utilization tuning, and extensive role-based administration. Palo Alto's EDR capability has limited workflow and no ability to create custom block rules.

Palo Alto currently doesn't offer MDR / Managed EDR (MEDR) services as part of its native offering and uses its partner ecosystem for delivering these services.

Palo Alto does not have vulnerability or configuration management information.

While Traps is licensed on an agent basis, Cortex XDR is sold based on storage size and retention period, in contrast to an agent basis, and it can only be purchased in discrete numbers of 1TB storage. Each TB license comes with 200 agent licenses included.

SentinelOne's Differentiators

#1 On-device AI, for static and behavioral detection in a single agent.

#2 Simple and clean management interface improves visibility and reduces responder workload

#3 Feature parity across supported platforms (Win, macOS, Linux)

#4 Remediate / Repair / Rollback

#5 Complete API (bi-directional, full product/policy control)

#6 Cloud-agnostic prevention of LOTL and "Fileless" attack TTPs

#7 Alerts mapped to the MITRE ATT&CK framework

605 Fairchild Drive, Mountain View,CA 94043 | +1-855-868-3733 | partners.sentinelone.com | channel@sentinelone.com | S1 Partner & Internal Use Only
Securing the Best of the Best.
At SentinelOne, customers are #1. Global industry
leaders across every vertical thoroughly test and
select us as their endpoint security solution of
today and tomorrow. We protect trillions of
dollars of enterprise value across millions of
endpoints. The SentinelOne platform safeguards
the world’s creativity, communications, and
commerce on devices and in the cloud.
