Bit9 has added new detection and forensic capabilities to its platform to leverage endpoint and server sensor technologies.

The additions allow for a continuous recording of all activity on endpoints and servers to be made, which can help identify attack patterns, according to Bit9. New additions allow an organisation to install a single agent on an endpoint or server to provide advanced threat detection, protection and forensics simultaneously, as well providing instant enterprise-wide information without polling or scanning, it added.

The company said this ability is powered by Bit9's new Advanced Threat Indicators (ATI) that identify advanced threat patterns based on file and process attributes and behaviours, find threats in real-time, in the past and based on a sequence of events and leverage the cloud-based Bit9 Software Reputation Service.

Brian Hazzard, vice president of product management, said: “To defend themselves against advanced threats and zero-day attacks, enterprises need a security solution that monitors and records all activity on their endpoints and servers in real-time.

“However, they want to avoid installing multiple agents that degrade system performance and increase administrative overhead. Bit9 offers the only single endpoint and server sensor-and-recorder that provides advanced threat detection, protection and forensics.

“Our new Advanced Threat Indicators detect attacks that signature-based security solutions, especially anti-virus and behavioural host intrusion prevention systems cannot. This has already produced significant value at our early access customer sites. We've detected malicious files and activities that evaded traditional security solutions.”