Help defend your customers against ransomware, zero-day attacks, and evolving online threats.
Security threats multiply and morph daily. Once a new threat is resolved, cybercriminals find another angle or exploit. As an MSP, your customers expect you to keep them protected even with the onslaught of new threats and attacks. Staying on top of these threats can be almost impossible when you already have a full-time roster of clients. The endpoint detection & response feature is designed to help you stay ahead of these threats without adding more to your already overloaded plate.
- Near real-time file analysis: The system can analyze files continuously, replacing time-intensive recurring scans.
- Signatureless approach: Fight back against the latest threats without having to wait for daily definition updates.
- Offline protection: Artificial intelligence data is stored on the endpoint to keep it protected while offline—and to help you avoid waiting for signature updates, or waiting for the endpoint to connect to the cloud to check against reputation scores.
- Machine learning: The system uses machine learning to determine how to best respond to threats and adjusts those responses over time.
- Autonomous action: Leverage policy-based endpoint protection to neutralize threats at the endpoint automatically.
- Behavioral artificial intelligence engines: The feature includes eight AI engines that analyze multiple data points to identify threats and determine if a response is necessary.
- Near real-time alerts: Discover threat activity quickly with alerts whenever a threat is detected or neutralized.
- Easy-to-use dashboard: View threat information at a glance on a single dashboard that includes quick links to key remediation actions.
- Executive insight and key findings: See aggregated data on threats over time. For example, you can view the current number of active threats, the number of threats found in a specified time period, and view threats and fixes over time.
- Forensics: See an overview and the storyline of an attack, so you can quickly understand the threat.
- Threat summaries: Review information on specific threats, such as dates they were identified, dates they were reported, and their file names. Summaries also include links to the Google threat database and VirusTotal websites for more information.
- Raw data report: Dig into the details on threat information, including timing, activities taken by the file, and its SHA1 hash.
Respond Effectively through Automation
- Custom policies: Use policy-driven protection tailored to your customer, which allows/blocks USB, allows/blocks endpoint traffic, and specifies the best automated response.
- Multiple recovery options: Choose your preferred recovery option after attacks—from partial recoveries to fully-automated responses.
- Enhanced quarantine: Select the Disconnect from Network option to prevent machines from further infecting the network.
- Automatic rollback: Attacks are automatically contained and neutralized, and compromised files are automatically replaced by the last known healthy version.