Enterprise Endpoint Detection and Response (EDR)

Your network security is as strong as your least secure endpoint. Even a single endpoint left unsecured will increase your network’s vulnerability. To strengthen your network security, you need to secure each and every endpoint. And only via this way, you can reduce cyberattack risks.

A cybercriminal uses following ways to conduct a cyberattack:


If unruly behavior is observed across genuine programs, they are assumed malicious as they can get manipulated by malware. In such situations, Boundary Protection Rules can contain all the threats and strengthen your network’s safety.

You can use the Safety Check/Audit Mode to analyse how the Boundary Protection Rules (surface attack detection) can improve your network security, if enabled. To ensure your network isn’t jeopardized, always audit events generated by Boundary Protection Rules. This way you can understand how all of your applications are getting affected.

Not all genuine applications are developed with maximum security concerns and may appear as if they are executing the same behaviour as malware. By observing the Safety Check Report, you can add security exclusions for genuine applications and apply Boundary Protection Rules to your network, without slowing down endpoint performance.

Whenever a boundary protection rule is violated, an alert will be sent to the administrator. You can configure the Alert Settings for multiple recipients, as per your requirements. To ensure maximum protection, you need to deploy a full eScan Enterprise EDR license, which lets you use full capabilities of EDR including Monitoring, Statistics, and workflows available in the eScan Enterprise EDR.

The eScan dashboard will display complete EDR activity across your network. You can also download and export the EDR reports to observe actions taken by Boundary Protection Rules.

Endpoint Detection and Response (EDR) Key Features

Windows Event Collector (Security Events)
Threat
Analysis
Historical
investigation- RCA
Events
Co-relation

Block executable content
from email client and webmail
Block all Office applications
from creating child processes
Block Office applications from
creating executable content
Block Office applications from injecting code into other processes
Block JavaScript or VBScript from launching downloaded

Block execution of potentially obfuscated scripts
Block Win32 API
calls from Office
macros
Use advanced
protection against
ransomware
Block credential stealing from the Windows local security
Block process creations originating from PsExec and WMI commands

Block untrusted and unsigned processes that run from USB
Block Office
communication application
from creating processes
Block Adobe Reader from
creating child
processes
Block persistence
through WMI event
subscription

Broad Overview

Malware Threat Defense and Remediation
Endpoint Detection
and Response
Data
Leak Prevention
Two Factor
Authentication
Remote Monitoring
and Management

Employee Productivity and Monitoring tools
Audit
and Compliance
Security Information and Event Management
Information Centric Audit and Protection
User and Entity Behavior Analytics
Anti
Ransomware

Looking for Benefits? Here they are!

Unified Management

With unified management, enterprises do not have to worry about the security...

Device Control

eScan EPP helps in monitoring and securing critical data to prevent...

Application Control

eScan EPP allows creating list of applications that the administrator...

Print Activity Monitoring

Considering that in today’s scenario, there is always a possibility of data...

Two way Firewall

eScan EPP is equipped with two way firewall that is designed to prevent...

Asset Management

It is important to keep an eye on the IT assets of the endpoints connected to the...

Cloud Security

There is a need for a real-time protection to endpoints from objectionable content ...

Malware URL Filter

Web pages with links to malicious applications pose biggest risks...

Role Based Administration

eScan EPP enables you to share the security configuration and monitoring responsibilities...

Session Activity Report

This feature is helpful to detect the misuse of the computer at a specific time...

File Activity Report

eScan monitors and logs the file activity of the managed endpoints...

eBackup

Taking regular backup of critical files stored on the managed endpoints...

Customized Setup

eScan allows you to create customized client setup with pre-defined Policy Template.

One time Password

eScan’s password protection restricts user access from violating a security policy...

Vulnerability Scanner

This option will allow the administrator to check the vulnerability of the software...

Windows Patch Management

eScan checks the endpoints for missing patches on the OS by matching the installed...

Anti-Spam Filter

eScan employs combination of technologies to prevent spam.

Mobile Device Management

Enterprises empower employees by allowing use of mobile devices in the...






Featured Solutions

eScan Enterprise EDR
(with MDM & Hybrid Network Support)






Live Chat
Top