200813-0226

INDE EDR

Autonomous endpoint detection & response

Solution fit

The Inde EDR solution is designed for companies that want to manage endpoint device security proactively and would like to have this task performed by a skilled security team (SOC) with a best-of-breed solution. Some questions asked of CIOs or IT Managers that may prompt these considerations are:

  • Do you have a best-in-class antivirus product with analytics and remediation?
  • Is your antivirus actively managed and maintained by a trained and qualified IT security specialist who is an expert in that product?
  • If you find a device that is compromised, are you able to tell how it became compromised? Are you then able to recommend and implement a solution to resolve that risk?
  • If you have a SOC or at least one security specialist on your team, do you have cover for them when they are unwell or go on holiday?
  • Does your organisation have legal requirements or insurance policies that require you to take “reasonable care” with IT security?

Solution overview

Inde EDR is an Endpoint Detection and Response capability that provides full coverage of pre-execution, execution and post-exploitation activity on workstations and servers alike.

The solution comprises a lightweight endpoint agent, installed on individual workstations and servers, that reports into a cloud-based console for management.

The capabilities of our adversaries have evolved beyond what traditional antivirus can reliably protect us from. Our chosen detection technologies must now be capable of demonstrating cross-platform visibility, including visibility into all applications and running processes within our endpoint environment. This makes EDR technology an essential tool in the security arsenal of any organisation.

Inde EDR allows you to gain all the Endpoint Protection Platform (EPP) benefits including:

  • Unified prevention, detection, and response in a single purpose-built agent
  • Prevention and detection of attacks across all major vectors
  • Rapid elimination of threats with fully automated, policy-driven response capabilities
  • Complete visibility into the endpoint environment with full-context, real-time forensics

Inde EDR utilises the latest in machine learning technology, removing the reliance on traditional antivirus signatures for malicious content analysis. Removing the heavy dependence on frequent antivirus updates gives your internal IT team significant cost savings, while the solution also mitigates previously unseen threats.

Inde are committed to delivering a managed EDR service that centralises endpoint and network visibility across your workstation and server fleets. It enables you to gain extensive real-time and forensic coverage of exploits, malware, or lateral movement, to ensure that threats are contained and resolved with minimal disruption to operations.

Samples

The security operations dashboard is where the endpoint detection and response capabilities are surfaced. It provides a high-level overview of where detections were seen and highlights where response actions are needed.

The dashboard displays a snapshot of:

  • Active alerts
  • Machines at risk
  • Sensor health
  • Service health
  • Daily machines reporting
  • Active automated investigations
  • Automated investigations statistics
  • Users at risk
  • Suspicious activities

From the security operations dashboard, you are able to see aggregated events to facilitate the identification of significant events or behaviours on a machine. You can also drill down into granular events and low-level indicators.

It also has clickable tiles that give visual cues to the overall health state of your organisation. Each tile opens a detailed view of the corresponding overview.
