WEEHAWKEN, N.J.--(BUSINESS WIRE)--TrueFort, the lateral movement protection company, today announced it now ingests telemetry from SentinelOne (NYSE: S) to map application behavior across cloud and on-premises workloads, enforce Zero Trust segmentation policies and prevent lateral attacks.
The TrueFort integration enables customers to expand their SentinelOne use cases with a positive security model. By absorbing SentinelOne real-time telemetry and applying behavior analytics to visualize and baseline application flow dependencies, the TrueFort platform creates a trusted behavioral profile for each application. Using this profile, TrueFort automatically generates microsegmentation policies from observed behavior, alerts on anomalies, and automates policy enforcement through the firewall rules capability of the SentinelOne agent.
“Using telemetry from SentinelOne agents, the TrueFort Platform combines visualization and analysis of complex security relationships to understand, define, and enforce accepted application behavior policies,” said Sameer Malhotra, CEO of TrueFort. “Understanding the context of what, who, when and how unusual activity occurred, enables customers to implement smart Zero Trust policies for microsegmentation and service accounts.”
“By leveraging telemetry from SentinelOne's agent and firewall capabilities, TrueFort can automatically create and deploy microsegmentation rules into customers’ cloud workloads to reduce their attack surface and help contain security incidents,” says Ely Kahn VP Product for Cloud Security at SentinelOne. “We are excited about this integration and the value it will create.”
TrueFort takes advantage of SentinelOne’s endpoint security telemetry to create a trusted profile for each application that includes:
Dependency discovery and mapping: that serves as the foundation for the trust profile and application behavioral policies.
Automated policy generation: the trusted application profile is used to model behavioral policies that are enforced by security controls such as microsegmentation, and update them when application behavior changes. Since TrueFort uses SentinelOne’s firewall rules capability for policy enforcement, no additional agents are required for microsegmentation.
Application control allow-listing: TrueFort identifies normal behavior and automates policy controls for application execution to the individual process-level, and governs allow-lists of known running processes and their behaviors. Any executables outside of the allow-list are terminated.
Multi-dimensional microsegmentation – based on the behavioral understanding of application activity, TrueFort automates segmentation policies without trial and error guesswork. This includes automatically updating blocking rules when hostnames and IP addresses change.
Anomaly detection – identifies application behaviors that are outside of the normal activity baseline. In addition, DVR-like playback capabilities expose the underlying cause of anomalies in incident investigations.
The integration of TrueFort with SentinelOne is available immediately worldwide.
TrueFort puts you in control of lateral movement across the data center and cloud. The TrueFort Cloud extends protection beyond network activity by shutting down the abuse of service accounts. Founded by former IT executives from Bank of America and Goldman Sachs, leading global enterprises trust TrueFort to deliver unmatched application environment discovery and microsegmentation for both identity and activity. For more information visit https://truefort.com and follow us on LinkedIn and Twitter.