Working from your home, the office or your local coffee shop no longer needs to be a risk
Plans: Full Security, Security Plus, Security Essential, Self Managed
Features compared across the plans:
Security Operations Center
Threat Defense System (XDR)
Managed Threat Response Team
Full System Encryption
Password Management
Remote Monitoring & Management
Vulnerability Management Team
Attack Surface Reduction
Breach Warranty (up to $1 mil)
*Full Security package pricing eligibility requirements: based on one security standard and one OS type, a minimum of 35 systems, and systems less than 6 years old.
*All packages: workstations only (contact us for server management); you must have, or be working toward, either a cybersecurity program or cybersecurity insurance requirements.
*Breach Warranty is available only on term plans of 1 to 3 years.
Security Operations Center
With your cloud-based SOC, you join an adaptive cybersecurity ecosystem that serves 530,000 customers globally.
Lab researchers constantly add analysis of file behaviours, URLs, indicators of compromise (IoCs) and deep packet inspection (DPI) findings to your SOC.
AI data scientists continually develop advanced machine learning models, automation and detection logic for your SOC.
Carry out and customise your own investigations and detections, and view threat graphs, from the SOC's Threat Analysis Center.
Threat Defense System (XDR)
Extended Detection and Response (XDR) is a consolidation of tools and data that provides extended visibility, analysis and response across networks and clouds in addition to apps and endpoints. XDR uses security telemetry from all of those sources to improve detection and remediation beyond what antivirus alone provides. It is the more sophisticated and advanced progression of Endpoint Detection and Response (EDR). Once deployed, your systems are automatically enrolled in our Security Operations Center (SOC), where all endpoints are securely managed.
Deep Learning, Artificial Intelligence
Deep Learning Malware Analysis – Deep learning neural networks have consistently outperformed other forms of machine learning at detecting malware.
AI Malware Detection – Blocks malware before it executes; does not rely on signatures; protects even when the host is offline; reaches a verdict in approximately 20 milliseconds.
Advanced On-demand Threat Intelligence – Receives and processes approximately 400,000 previously unseen malware samples each day.
Active Adversary Mitigations – Blocks the exploit techniques attackers use to gain and keep access to computers, including credential theft, code cave utilisation, malicious process manipulation, privilege escalation, asynchronous procedure call (APC) abuse such as AtomBombing, Sticky Keys (accessibility backdoor) abuse and Application Verifier abuse, backed by improved process lockdown and browser and application behaviour lockdown.
Anti-Malware File Scanning – Prevents both known and never-before-seen malware; analyses 2.8 million new malware samples every week; extremely small footprint.
Live Protection – Uses in-the-cloud lookups to decide instantly whether a suspicious file is a threat and takes the action specified in the anti-virus and HIPS policy.
Automated Malware Removal – Monitors execution and process activity and removes the malware it detects.
Web & Network Protection
Malicious Traffic Detection (MTD) – Monitors network traffic for signs of connections to known-bad servers and URLs, such as command-and-control (C2) servers.
Download Reputation – Checks downloaded files against a reputation database of known files before they are allowed to run.
Enhanced Application Lockdown – Protects against malicious scripts and code delivered through common infection vectors, including but not limited to web browsers, Office applications and email clients.
Web Control / Category-based URL Blocking – Set acceptable web usage, control data sharing and enforce web filtering.
Intrusion Prevention System – Examines network traffic for anomalies to block denial-of-service, spoofing and similar network attacks.
Man-in-the-Browser Protection (Safe Browsing) – Monitors a web browser's encryption, presentation and network interfaces to detect the man-in-the-browser attacks common to banking Trojans.
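The two detections above, Malicious Traffic Detection and Download Reputation, come down to matching what an endpoint connects to and downloads against threat intelligence. The following is an added illustration, not the vendor's code: constructed proxy log lines (a hypothetical `host=... proc=... dst=... url=...` format) are matched against a constructed indicator list of C2 domains and networks, and downloads are judged by SHA-256 against allow and deny sets, with anything unknown handed off to a cloud lookup as the Live Protection feature describes. The domains, network range and hashes are placeholders, not real indicators.

```python
"""Added example (not vendor code): Malicious Traffic Detection and Download
Reputation in miniature. Constructed proxy log lines are matched against a
constructed indicator list; downloads are judged by SHA-256 against allow/deny
sets, with everything else handed to a cloud lookup."""
import hashlib
import ipaddress
import re

# Constructed indicators for illustration only: reserved example domains and
# the TEST-NET-3 documentation range, not real IoCs.
C2_DOMAINS = {"c2.example.org", "update-cdn.example.net"}
C2_NETWORKS = [ipaddress.ip_network("203.0.113.0/24")]
KNOWN_GOOD_SHA256 = {hashlib.sha256(b"legit installer bytes").hexdigest()}
KNOWN_BAD_SHA256 = {hashlib.sha256(b"trojan dropper bytes").hexdigest()}

# Constructed endpoint proxy log lines (hypothetical format).
LOG_LINES = """\
2024-05-01T09:00:01Z host=WS-01 proc=chrome.exe dst=www.example.com:443 url=https://www.example.com/
2024-05-01T09:00:07Z host=WS-01 proc=svchost.exe dst=cdn.c2.example.org:443 url=https://cdn.c2.example.org/a
2024-05-01T09:01:09Z host=WS-02 proc=outlook.exe dst=203.0.113.77:8080 url=http://203.0.113.77:8080/gate.php
2024-05-01T09:02:00Z host=WS-03 proc=excel.exe dst=update-cdn.example.net:80 url=http://update-cdn.example.net/x
garbage line that does not parse
"""

LOG_RE = re.compile(
    r"^(?P<ts>\S+) host=(?P<host>\S+) proc=(?P<proc>\S+) "
    r"dst=(?P<dst>[^:\s]+):(?P<port>\d+) url=(?P<url>\S+)$"
)


def parse_line(line):
    """Return the fields of one log line, or None for lines we cannot parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def domain_is_listed(name, listed):
    """Suffix match: cdn.c2.example.org is covered by an indicator for c2.example.org."""
    labels = name.lower().rstrip(".").split(".")
    return any(".".join(labels[i:]) in listed for i in range(len(labels)))


def ip_is_listed(name, networks):
    """True if name is an IP literal inside one of the listed networks."""
    try:
        addr = ipaddress.ip_address(name)
    except ValueError:
        return False
    return any(addr in net for net in networks)


def scan_log(text):
    """Return (host, process, destination, reason) for every line touching a C2 indicator."""
    alerts = []
    for line in text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue
        if domain_is_listed(ev["dst"], C2_DOMAINS):
            alerts.append((ev["host"], ev["proc"], ev["dst"], "C2 domain"))
        elif ip_is_listed(ev["dst"], C2_NETWORKS):
            alerts.append((ev["host"], ev["proc"], ev["dst"], "C2 network"))
    return alerts


def download_verdict(data):
    """Hash-based reputation: deny list wins, then allow list, else unknown."""
    digest = hashlib.sha256(data).hexdigest()
    if digest in KNOWN_BAD_SHA256:
        return "block"
    if digest in KNOWN_GOOD_SHA256:
        return "allow"
    return "unknown"  # hand off to the cloud lookup / sandbox (Live Protection)


if __name__ == "__main__":
    for alert in scan_log(LOG_LINES):
        print("ALERT", alert)
    print(download_verdict(b"trojan dropper bytes"))
```

The suffix match matters in practice: C2 operators rotate subdomains under one registered domain, so matching only exact hostnames misses them. Note which process made the connection; `svchost.exe` reaching an unknown host on 443 is a far stronger signal than a browser doing the same.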
Extended Features
Disk and Boot Record Wipe Protection – Prevents the disk and boot record from being wiped or overwritten.
Peripherals – Control access to peripherals (USB) and removable media.
Exploit Prevention – Detects program code that takes advantage of vulnerabilities on the computer to gain administrator privileges or perform malicious activity.
Data Loss Prevention – Prevents data leaks, whether deliberate exfiltration by threat actors or accidental leaks by internal staff.
Application Control – Detects and blocks applications that are unsuitable for use in your organisation.
Potentially Unwanted Application (PUA) Blocking – Prevents the installation of programs you do not want on your organisation's systems.
Pre-execution Behavior Analysis (HIPS) – The Host Intrusion Prevention System analyses the behaviour of code before it runs and prevents it from running if it is judged suspicious or malicious.
Runtime Behavior Analysis (HIPS) – Runtime detection by the Host Intrusion Prevention System intercepts threats that cannot be detected before execution.
Antimalware Scan Interface (AMSI) – Script content (PowerShell, VBScript, JScript and similar) is handed to the scanner at the moment it is about to run, so it can be checked even when obfuscated or generated only at runtime.
Ransomware File Protection – Uses behavioural analysis to stop previously unseen ransomware and boot record attacks. It monitors the system for processes that encrypt files, creating a copy of each file as the process opens it; if the activity turns out to be a ransomware attack, the process is stopped and all affected files are restored from those copies.
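To make the ransomware protection mechanism concrete, here is an added simulation (not the vendor's implementation) of the behaviour the last item describes: every write is intercepted, a copy of the file is taken before the writing process first touches it, the written data is scored by Shannon entropy (encrypted output is close to 8 bits per byte, documents are far lower), and a process that rewrites several files with high entropy is blocked and its victims rolled back. The thresholds (three files, 7.0 bits per byte) and the file contents are constructed for the demonstration; real products hook the filesystem driver rather than a Python method.

```python
"""Added example (not vendor code): a simulation of behaviour-based ransomware
file protection. Writes are intercepted; the pre-write file is copied aside;
high-entropy rewrites are counted per process; a process that rewrites too many
files that way is blocked and its victims are restored from the copies."""
import math
import os
import shutil
import tempfile
from collections import Counter, defaultdict


def shannon_entropy(data):
    """Bits per byte: close to 8.0 for encrypted or compressed data, far lower for documents."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


class FileGuard:
    # Hypothetical thresholds: three high-entropy rewrites by one process trigger rollback.
    def __init__(self, threshold_files=3, entropy_bits=7.0):
        self.threshold_files = threshold_files
        self.entropy_bits = entropy_bits
        self.backup_dir = tempfile.mkdtemp(prefix="guard-")
        self.snapshots = {}                 # (pid, path) -> copy taken before that pid's first write
        self.suspicious = defaultdict(set)  # pid -> paths it rewrote with high entropy
        self.blocked = set()

    def write(self, pid, path, data):
        """Intercepted write. Returns what the guard decided."""
        if pid in self.blocked:
            return "blocked"
        if os.path.exists(path) and (pid, path) not in self.snapshots:
            copy = os.path.join(self.backup_dir, f"{pid}-{len(self.snapshots)}")
            shutil.copy2(path, copy)
            self.snapshots[(pid, path)] = copy
        with open(path, "wb") as f:
            f.write(data)
        if shannon_entropy(data) >= self.entropy_bits:
            self.suspicious[pid].add(path)
            if len(self.suspicious[pid]) >= self.threshold_files:
                self.blocked.add(pid)
                self.restore(pid)
                return "blocked+restored"
        return "allowed"

    def restore(self, pid):
        """Roll back every file the flagged process rewrote to its pre-write copy."""
        for path in self.suspicious[pid]:
            copy = self.snapshots.get((pid, path))
            if copy:
                shutil.copy2(copy, path)


def _read(path):
    with open(path, "rb") as f:
        return f.read()


def simulate():
    """Constructed scenario: a legitimate edit, then a process 'encrypting' files one by one."""
    workdir = tempfile.mkdtemp(prefix="docs-")
    paths = [os.path.join(workdir, f"report{i}.txt") for i in range(4)]
    originals = {p: f"Quarterly report {i}: revenue up, costs flat.\n".encode() * 20
                 for i, p in enumerate(paths)}
    for p, content in originals.items():
        with open(p, "wb") as f:
            f.write(content)
    guard = FileGuard()
    edit = b"edited text, still plain ASCII\n" * 10
    results = [guard.write(101, paths[0], edit)]           # word processor: low entropy, allowed
    for p in paths:                                         # ransomware: random-looking blobs
        results.append(guard.write(666, p, os.urandom(4096)))
    final = {os.path.basename(p): _read(p) for p in paths}
    shutil.rmtree(workdir)
    shutil.rmtree(guard.backup_dir)
    # report0 comes back as the legitimate edit (the snapshot taken before pid 666 touched it),
    # report1/report2 as the originals, and report3 was never written because 666 was blocked.
    expected = {"report0.txt": edit, **{os.path.basename(p): originals[p] for p in paths[1:]}}
    return results, final == expected


if __name__ == "__main__":
    print(simulate())
```

Snapshots are keyed per process as well as per path so that rollback undoes only the flagged process's writes: the legitimate edit made earlier by another process survives. Entropy alone is a weak signal (compressed archives and images are also high entropy), which is why the decision is made on a count of such rewrites per process rather than on any single file.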
Managed Threat Response Team
Visibility is given to a highly trained team of threat hunters, engineers and ethical hackers who investigate and respond to threats.
The MTR team's insight and alerting mean they are on top of an attack before you know there is a problem.
Managed Threat Response (MTR)
This is a 24 hours a day, 7 days a week service.
The team proactively hunts for and validates potential threats and incidents.
It uses all available information to determine the scope and severity of threats.
The team initiates actions to remotely disrupt, contain and neutralise threats.
Attack Surface Reduction
Attack surface reduction means minimising the total number of entry points into your systems, leaving attackers fewer ways to perform attacks.
Each compliance standard allows some flexibility in how a particular problem is remedied; technical controls are used to ensure the requirement has actually been addressed.
Simply tell us which compliance standard you adhere to, or would like to adhere to, and we will harden your systems to that specification. This covers your endpoint compliance technical controls, the manpower to implement them, and the evidence collection for your internal compliance staff and auditors.
Endpoint Hardening to your Compliance Standard – Options
Department of Defense (DOD)
- The Security Technical Implementation Guides (STIGs), developed by the Defense Information Systems Agency (DISA) on behalf of the Department of Defense (DOD), are the accepted configuration standard used by federal government organisations and contractors to secure government information.
General Data Protection Regulation (GDPR IV)
- A regulation that harmonises data privacy law across the EU and strengthens the protection of all individuals in the EU with respect to their personal data.
Center for Internet Security (CIS)
- CIS Benchmarks are internationally recognised configuration standards for hardening IT systems and data against cyberattacks.
Center for Internet Security (CIS_V8)
- The CIS Critical Security Controls (CIS Controls) are a prioritized set of Safeguards to mitigate the most prevalent cyber-attacks against systems and networks. They are mapped to and referenced by multiple legal, regulatory, and policy frameworks.
Good Practice Guide 13 (GPG 13)
- A protective monitoring framework for British government systems and networks and for the service providers and outsourcing companies that handle them. GPG 13 was defined by the Communications-Electronics Security Group (CESG), now part of the National Cyber Security Centre (NCSC).
PHIPA / HIPAA
- Rules governing the use, disclosure and collection of health information. Ontario's PHIPA and the US HIPAA both regulate the use of protected health information (PHI).
NIST 800-53
- A cybersecurity standard and compliance framework developed by the National Institute of Standards and Technology. It is a continuously updated catalogue of controls that defines standards, controls and assessments flexibly, based on risk, cost-effectiveness and capability.
NIST 800-171
- A NIST Special Publication that sets out recommended requirements for protecting the confidentiality of controlled unclassified information (CUI) in non-federal systems.
ISO 27002
- ISO 27001 specifies an information security management system (ISMS); ISO 27002 is the detailed supplementary guide to the security controls that ISO 27001 references.
Payment Card Industry Data Security Standard (PCI DSS)
- A widely accepted set of policies and procedures intended to secure credit, debit and cash card transactions and protect cardholders against misuse of their personal information.
Vulnerability Management Team
Over time, an operating system (OS) or installed application will become exploitable.
Your endpoints' attack surface is already reduced by the controls covered under the Threat Defense System and Attack Surface Reduction. Even with those controls in place, all it takes is an out-of-date OS or an installed application with a published Common Vulnerabilities and Exposures (CVE) entry for your systems to be vulnerable.
Our Vulnerability Management Team actively scans your systems for CVEs and takes action to resolve them.
Common Vulnerabilities and Exposures (CVE)
To counter vulnerabilities and exposures you need to update (patch) the OS and all installed applications and scan for vulnerabilities continually. A daily scan shows the vulnerability count for each endpoint. All systems are enrolled in our Vulnerability Management System and continually scanned for vulnerable software.
If your compliance standard or internal security policy requires an endpoint vulnerability management program, we have you covered; if it doesn't, you could be vulnerable right now regardless of your other security controls. One exploitable application or one missing security patch is all it takes to leave a system open to attack.
We continually scan for vulnerabilities and send reports on endpoint compliance status on request or at regular intervals for your auditors.
Not sure which of your applications have CVEs? Look one of the programs you use up in a public CVE database (such as NIST's National Vulnerability Database): every CVE for that application will be listed, with the affected versions and a Common Vulnerability Scoring System (CVSS) score based on criteria such as how much damage exploitation causes and how easy it is to exploit.
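The scanning and counting described in this section is, at its core, a join between the software inventory of each endpoint and CVE records carrying affected-version ranges and CVSS data. The following added example (not the page's scanner) shows that join over a constructed inventory and constructed CVE records; the `CVE-0000-*` identifiers, product names and versions are placeholders, not real vulnerabilities. The "how easy is it to exploit" part of the score is computed from the CVSS v3.1 vector string with the published exploitability sub-score formula, and the per-endpoint count is the daily figure the text mentions.

```python
"""Added example (not the page's tool): matching an endpoint software inventory
against CVE records and ranking the hits by CVSS. The CVE records and inventory
below are constructed for illustration (the CVE-0000-* identifiers are not real)."""
import re
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class CveRecord:
    cve: str
    product: str
    start_incl: Optional[str]  # affected from this version (inclusive), None = any
    end_excl: Optional[str]    # fixed in this version (exclusive), None = all later too
    cvss: float                # CVSS v3.1 base score
    vector: str                # CVSS v3.1 vector string


RECORDS = [  # constructed, not real CVEs
    CveRecord("CVE-0000-0001", "acmereader", None, "11.0.3", 9.8,
              "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"),
    CveRecord("CVE-0000-0002", "acmereader", "11.0.0", "11.0.5", 7.8,
              "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"),
    CveRecord("CVE-0000-0003", "widgetvpn", None, "3.2.0", 5.3,
              "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"),
    CveRecord("CVE-0000-0004", "widgetvpn", "4.0.0", "4.1.0", 9.1,
              "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"),
]

INVENTORY = {  # constructed: endpoint -> {product: installed version}
    "WS-01": {"acmereader": "11.0.4", "widgetvpn": "3.1.7"},
    "WS-02": {"acmereader": "11.0.5", "widgetvpn": "3.2.0"},
}


def parse_version(v, width=4):
    """'11.0.4' -> (11, 0, 4, 0); non-numeric pieces count as 0 so tuples compare sanely."""
    parts = [int(p) if p.isdigit() else 0 for p in re.split(r"[.\-]", v)]
    return tuple((parts + [0] * width)[:width])


def is_affected(version, rec):
    """Inclusive lower bound, exclusive upper bound, as NVD version ranges are expressed."""
    v = parse_version(version)
    if rec.start_incl and v < parse_version(rec.start_incl):
        return False
    if rec.end_excl and v >= parse_version(rec.end_excl):
        return False
    return True


# CVSS v3.1 exploitability sub-score: 8.22 x AV x AC x PR x UI (maximum 3.9).
_AV = {"N": 0.85, "A": 0.62, "L": 0.55, "P": 0.2}
_AC = {"L": 0.77, "H": 0.44}
_PR_UNCHANGED = {"N": 0.85, "L": 0.62, "H": 0.27}
_PR_CHANGED = {"N": 0.85, "L": 0.68, "H": 0.5}
_UI = {"N": 0.85, "R": 0.62}


def exploitability(vector):
    """How easy the CVE is to exploit, from its vector string (CVSS v3.1 formula)."""
    m = dict(part.split(":") for part in vector.split("/")[1:])
    pr = _PR_CHANGED if m["S"] == "C" else _PR_UNCHANGED
    return 8.22 * _AV[m["AV"]] * _AC[m["AC"]] * pr[m["PR"]] * _UI[m["UI"]]


def findings(inventory=INVENTORY, records=RECORDS):
    """Every (endpoint, product, version, cve, cvss, exploitability), worst first."""
    hits = []
    for host, software in inventory.items():
        for product, version in software.items():
            for rec in records:
                if rec.product == product and is_affected(version, rec):
                    hits.append((host, product, version, rec.cve, rec.cvss,
                                 round(exploitability(rec.vector), 1)))
    return sorted(hits, key=lambda h: (h[4], h[5]), reverse=True)


def counts_per_endpoint(inventory=INVENTORY, records=RECORDS):
    """The daily per-endpoint vulnerability count the text describes."""
    out = {host: 0 for host in inventory}
    for host, *_ in findings(inventory, records):
        out[host] += 1
    return out


if __name__ == "__main__":
    for hit in findings():
        print(hit)
    print(counts_per_endpoint())
```

The version comparison is deliberately simple; real scanners match on CPE names and handle vendor-specific version schemes, which is where most false positives and negatives in vulnerability management come from. Ranking by base score and then by exploitability gives a first pass; a remotely exploitable medium-severity finding (CVE-0000-0003 here, exploitability 3.9) often deserves to be patched before a local high-severity one that needs user interaction.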
Remote Monitoring and Management
We collect system metrics to ensure good performance and health and alert you to issues before they become problems.
Alerts fire on conditions such as memory or CPU usage being inexplicably high or a hard drive failing, before your employees are unable to work because of a problematic system.
All systems are enrolled in RMM to reduce downtime for your company.
Password Management
The Cybersecurity Compliance Services approach includes the use of a password manager, because endpoint management must encompass the user. Common complexity rules require users to have 14-character strings such as “S4qB6YZ&&77mAg” to log in to company resources. A password manager lets users generate, store and retrieve such passwords safely.
Our password manager not only provides a safe place to store accounts and makes logging in easier, it also gives insight into data breaches and potential issues like:
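What a password manager does when it generates a password like the one above, and how it can check a password against breach data without revealing it, is shown in this added example (not the vendor's product). It draws from a 94-symbol alphabet with the `secrets` module, retries until the 14-character, four-class policy from the text is met, estimates strength in bits, and looks the password up in a breach corpus the k-anonymity way: only the first five hex characters of the SHA-1 leave the client, and the match is made locally against the returned suffixes. The breach corpus and its counts here are constructed; a real check would query a breached-password service that implements this scheme.

```python
"""Added example (not the vendor's password manager): generating a
policy-compliant random password with a CSPRNG, estimating its strength, and
checking it against a breach corpus the k-anonymity way. The breach corpus is
constructed for the demonstration."""
import hashlib
import math
import secrets
import string

ALPHABET = string.ascii_letters + string.digits + string.punctuation  # 94 symbols


def meets_policy(pw, min_length=14):
    """The common rule set from the text: minimum length plus all four character classes."""
    classes = (str.islower, str.isupper, str.isdigit, lambda c: c in string.punctuation)
    return len(pw) >= min_length and all(any(f(c) for c in pw) for f in classes)


def generate_password(length=14, alphabet=ALPHABET):
    """Uniform draws from secrets (never the random module); retry until the policy holds."""
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if meets_policy(pw, min_length=length):
            return pw


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Strength of a uniformly random password: length * log2(alphabet size)."""
    return length * math.log2(alphabet_size)


def _sha1_hex(pw):
    return hashlib.sha1(pw.encode()).hexdigest().upper()


# Constructed breach corpus, indexed the way a k-anonymity range API answers:
# 5-char SHA-1 prefix -> {35-char suffix: times seen}. The counts are made up.
_BREACHED = {"password": 9000000, "Password123456": 1000, "letmein": 250000}
_RANGE_DB = {}
for _pw, _count in _BREACHED.items():
    _h = _sha1_hex(_pw)
    _RANGE_DB.setdefault(_h[:5], {})[_h[5:]] = _count


def lookup_range(prefix):
    """Stand-in for the remote service: every suffix under a 5-character prefix."""
    return _RANGE_DB.get(prefix, {})


def breach_count(pw):
    """Only the prefix is sent; the full hash (and the password) never leave the endpoint."""
    h = _sha1_hex(pw)
    return lookup_range(h[:5]).get(h[5:], 0)


if __name__ == "__main__":
    pw = generate_password()
    print(pw, round(entropy_bits(len(pw)), 1), "bits, seen in breaches:", breach_count(pw))
    print("Password123456 seen in breaches:", breach_count("Password123456"))
```

Fourteen characters from 94 symbols is about 92 bits of entropy, which is why generated passwords are the point of a manager: a human-chosen 14-character string that passes the same complexity rule can be worth far less, as "Password123456" shows. The breach check is complementary to the policy, since a password can satisfy every complexity rule and still appear in a leaked corpus.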