Key Threat Prevention Technologies

Anti-Malware

  • The Anti-Malware security engine detects trojans, viruses, malware, and other malicious threats.

  • The engine is implemented as a multi-threaded flexible scanner daemon. It is managed centrally through a web-console.

  • In addition, it provides command line utilities for on-demand file and folder scans, on-access scanning, automatic signature updates, detection lists, and file restoration.

Endpoint Detection and Response (EDR) / Threat Hunting

  • Endpoint Security for Linux updates ThreatCloud with Indicator of Compromise (IoC) and Indicator of Attack (IoA) events.

  • Threat Hunting technology lets administrators proactively search for cyber threats that made it through the first line of defense to the Linux Endpoint device.

  • Threat Hunting uses advanced detection capabilities, such as queries and automation, to find malicious activities and extract hunting leads from the collected data.

  • Supporting events:

    • Process - start / stop

    • Files - create / delete / rename / open

    • Network - local connections, ports, DNS

Behavioral Guard

  • Performs dynamic analysis of malware executed on the Endpoint Client, based on the behavioral patterns of various attack types, including ransomware, cryptominers, and trojans.

  • Centrally managed via the web management platform.

  • Leverages a large set of constantly updated signatures to detect, prevent, and remediate modern attacks.

  • Features automatic signature updates powered by the latest intelligence, ensuring adaptation to emerging threats.

Anti-Ransomware

Monitors the endpoint for signs of ransomware activity and helps prevent file encryption by malicious actors.

Forensics

Generates detailed analytics and interactive reports from threats and incidents, providing a comprehensive view of attack flows and actionable insights for effective remediation.

Note:

Starting from version 1.22.x, the Forensics security blade is installed by default when the Behavioral Guard security blade is installed.