
IF YOUR COMPANY USES THE INTERNET TO CONDUCT BUSINESS, YOUR COMPANY IS AT RISK FROM A CYBER THREAT.
Endpoints
ATTACK SURFACE REDUCTION
SMB
SMB
SMB
Web Security
Automatic scanning of downloaded content and reputation checking of downloaded content



Download Reputation
Automatically prompts the user about risks, based on the reputation of the file they are attempting to download



Web Control / Category-based URL Blocking
The URL-filtering feature dynamically checks URLs through SXL queries to the central management server, obtaining the latest threat information. SXL is the infrastructure used to submit real-time, DNS-based queries regarding IP addresses.



Peripheral Control
Allow / deny / monitor peripheral devices (e.g., disable USB)



Application Control
Categorically enables you to detect and block “controlled applications”, that is, legitimate applications that are not a security threat, but that you decide are unsuitable for use in your office environment.



Client Firewall
Ability to interact with and configure the endpoint's Windows firewall



Device Isolation
Isolate a device from the network to avoid the spread of viruses or to investigate cases that threaten the safety of the entire network



PREVENTATIVE
Deep Learning Malware Detection
Prediction modeling from hundreds of millions of samples of malware, allowing detection of never-before-seen threats



Anti-Malware File Scanning
Part of ML/PE-A: the Deep Learning Machine Learning (ML) engine, designed to detect malicious Portable Executable (PE) files



Live Protection
Prediction modeling from hundreds of millions of samples of malware, allowing detection of never-before-seen threats



Pre-execution Behavior Analysis (HIPS)
Part of “Host Intrusion Prevention System” (HIPS): the behavior of code is analyzed before it runs and is prevented from running if it is considered to be suspicious or malicious



Potentially Unwanted Application (PUA) Blocking
Potentially Unwanted Application (PUA) is non-malicious software that could potentially present unwanted behavior.



Data Loss Prevention
Content scanning within the threat detection engine for creation of sensitive data type.
Ability to block file transfers of sensitive data



Exploit Prevention
Deny attackers their favorite tools for conducting attacks by blocking the exploits and techniques used in both malware-based and file-less attacks.



DETECTION
Runtime Behavior Analysis (HIPS)
Identifies the suspicious behavior of processes that are running and present on the computer at the time. This analysis protects you against attacks from malware, spyware, hacking tools, and Potentially Unwanted Applications as well as some exploits and intruder attacks.



Malicious Traffic Detection (MTD)
A component that monitors HTTP traffic for signs of connectivity to known bad URLs such as Command and Control servers. Detection of this traffic is an early indicator that a new piece of malware may be present.



Active Adversary Mitigations
Deep learning malware detection, anti-ransomware, anti-exploit technology, and active adversary mitigations to prevent attacks
XDR gives security analysts the ability to hunt threats, plus investigate and respond to potential incidents



Ransomware File Protection (CryptoGuard)
CryptoGuard constantly monitors file writes for encrypted files. If it detects behavior that looks like ransomware, it restores the impacted files and stops the detected process’s execution.



Disk and Boot Record Protection (WipeGuard)
Secure against threats like Petya by protecting the disk and boot record.



Man-in-the-Browser Protection (Safe Browsing)
Includes policies to monitor a web browser’s encryption, presentation and network interfaces to detect “man in the browser” attacks that are common in many banking Trojan viruses



RESPOND, INVESTIGATE AND REMOVE
THREAT PROTECTION
Automated Malware Removal
Provides advanced detection and malware removal without intervention



Root Cause Analysis
Administer Threat Cases – automatically identify the root cause or sequence of events that led to a potentially malicious file.



Clean
Removes persistent threats from within the operating system and replaces infected Windows resources with the original, safe versions. Reinfection attempts are proactively blocked until threat remediation is completed.



Endpoint Detection & Response (EDR)
Tools for advanced threat hunting / IT security operations hygiene.
Inspects your endpoints and servers, both on-premises and in the cloud



TAMPER PROTECTION
Domain or IdP Membership:
Register (join) all supported company-owned computing devices for IdP management and endpoint login purposes.



PATCH MANAGEMENT (OS + Third party)
Patch Management Tools
Windows Automated System Management
- Remote Monitoring and Management (RMM)
macOS Automated System Management
- Mobile Device Management (MDM)
Linux Automated System Management
- Remote Monitoring and Management (RMM)
Security Management Portal
Security Operations Center (SOC)



Patching Policy Config
Update the hardware BIOS (as available)
Keep all software (OS and application) up to date to the extent possible
Critical updates/patches shall be applied within 5 days, normal patches within 30 days.






