Autonomous Endpoint Protection

Executive Summary

Managed Detection and Response (MDR) offers a single autonomous agent while providing two packages to cover deployments of different sizes and security requirements.

MDR Core has all endpoint security essential features in place, including prevention, detection and response. Everything you need to keep your assets safe.

MDR Complete adds more capability to MDR Core, such as threat hunting and Deep Visibility (EDR).

MDR | Core

  • Detection / Threat Hunting BASIC
  • 100% Endpoint Protection Capabilities
  • 100% Remediation
  • Suite Features BASIC

MDR | Complete

  • Detection / Threat Hunting ADVANCED
  • 100% Endpoint Protection Capabilities
  • 100% Remediation
  • Suite Features ADVANCED

The Endpoint Protection Platform (EPP) unifies prevention, detection, and response in a single purpose-built agent powered by machine learning and automation.

Core vs Complete

Endpoint Protection

Multi-layered AI-powered protection to replace Anti-Virus Products

Core Complete
Static AI

Pre-execution protection for known and unknown file-based malware

Behavioral AI

Agent-side behaviour monitoring covering any attack vector, including unknown exploits and bypass attempts of traditional AV

Documents, Scripts

Behavioral AI engine built to detect and mitigate malicious code and scripts in documents

Fileless, Exploits

Behavioral AI engine capable of detecting fileless attacks and exploits

Lateral Movement

Behavioral AI engine focused on discovering attempts coming from another device over the network.

PUP

macOS engine to protect from potentially unwanted programs

Endpoint Protection and Response

USER ENDPOINT CLIENTS

Windows XP, 7, 8, 8.1, 10
Mac OSX 10.9.x, 10.10.x, 10.11.x, macOS 10.12.x, macOS 10.13 (High Sierra)
CentOS 6.5, 7.0, 7.2
Red Hat Enterprise Linux 6.5, 7.0, 7.2
Ubuntu 12.04, 14.04, 16.04, 16.10
openSUSE 42.2

SERVER ENDPOINT CLIENTS

Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2, 2016
CentOS 6.5, 7.0, 7.2
Red Hat Enterprise Linux 6.5, 7.0, 7.2
Ubuntu 12.04, 14.04, 16.04, 16.10
SUSE Linux Enterprise Server 12SP1
Oracle Linux 6.5 – 6.9, 7.0+
Amazon Linux (AMI) 2016.09+, 2017.03+

VIRTUAL ENVIRONMENTS

Citrix XenApp, XenDesktop
Microsoft Hyper-V
Oracle VirtualBox
VMware vSphere
VMware Workstation
VMware Fusion
VMware Horizon

Protection

  • Autonomous multi-layered prevention that covers all attack vectors, even when offline
  • Machine learning technology that does not rely on signatures and does not require daily/weekly updates or recurring scans
  • Mitigation of the full context of malicious activity, reducing the time and cost of fixing up infected devices
  • Providing the right forensics. Blocking is not enough. Customers want to know where threats come from and what they tried to do

Visibility

  • Cross-platform visibility into endpoints. We go beyond the limits of EPP and EDR with value-added capabilities such as IT hygiene data
  • Visibility into encrypted traffic, because all users are exposed to phishing and 70% of web traffic is encrypted
  • Visibility on all applications and running processes

Simplicity

  • One lightweight agent provides the following functionality
    • EPP
    • EDR
    • HIPS
    • File Integrity Monitoring
    • Vulnerability/Risk Management
  • Managed console hosted in the cloud, on-premise, or in a hybrid model
  • Higher efficiency, lower system impact, and an optional end user experience

Automation

  • The autonomous platform is built with an API-first approach and has integrations with SonicWall, Fortinet, Splunk, QRadar, LogRhythm, Demisto, Phantom, and even Alexa, to name a few!
  • Automatically isolate infected devices and immunize the remainder of the endpoint estate
  • Recover files in the highly unlikely case of ransomware infections in the last 12 months, recovery and rollback is a convenient capability

BEFORE

Static AI

Prevent attacks pre-execution

DURING

Behavioral AI

Constantly monitor and map each running process for incongruous behaviors

AFTER

Automated EDR

Automate remediation and response… even rollback
