- Minimum purchase: 10 licenses
- Minimum service period: 1 month
- Implementation: cloud environment hosted by the vendor
Solution
WithSecure Elements Endpoint Detection and Response (EDR)
The solution is designed to detect and respond to threats occurring on endpoints. It provides automation and accelerates the process of detecting security breaches of an organization's critical business assets.
- Monitor endpoint activity with lightweight agents that upload any security incidents in real time for analysis in the WithSecure cloud
- Support behavioral analysis with Broad Context Detection™ functionality, increasing the efficiency and effectiveness of suspicious activity detection
- Ability to verify detected incidents with the availability of detailed reports containing a broad contextual set of information
- Verification of detection once with a set of advice on how to eliminate a given threat (possibility to forward the case directly to the WithSecure security team).
Why WithSecure Elements Endpoint Detection and Response (EDR)?
- improve visibility - improve visibility and IT security health with application and endpoint inventories,
- detect breaches quickly - quickly identify attacks with instant alerts,
- respond fast whenever under attack - attacks immediately become visible on a timeline with all affected hosts, relevant events and recommended actions,
- event search - built-in functionality allows you to browse, search and explore event data collected from company endpoints,
- event search for Threat Hunting - the function is used to explore and interact with all raw event data collected from endpoints. Its advanced filtering capabilities allow you to conduct threat hunting to detect and stop the most advanced threats. Event Search for Threat Hunting is an optional component of WithSecure Elements Endpoint Detection and Response,
- WithSecure Panel - for difficult cases, the solution has a built-in Elevate to WithSecure service. It offers professional incident analysis of methods and technologies, as well as traffic origin and Broad Context Detection™, to provide expert advice and further guidance on how to respond in the event of an attack,
- automated response - automated response activities can be used to reduce the impact of cyber attacks by deterring them 24/7,
- host isolation - by isolating hosts, breaches can be stopped at an early stage.