Enterprise Endpoint Detection and Response (EDR)

Enquire about eScan here!

Your network security is as strong as your least secure endpoint. Even a single endpoint left unsecured will increase your network’s vulnerability. To strengthen your network security, you need to secure every endpoint. And only in this way, you can reduce cyberattack risks.

A cybercriminal uses the following ways to conduct a cyberattack:

  • Launch scripts and executables that download a malicious payload or run other malicious programs
  • Run malignant scripts without the user’s knowledge in the background
  • Make a program violate its rights and escalate permissions for suspicious activities

If unruly behavior is observed across genuine programs, they are assumed malicious as they can get manipulated by malware. In such situations, Boundary Protection Rules can contain all the threats and strengthen your network’s safety.

You can use the Safety Check/Audit Mode to analyze how the Boundary Protection Rules (surface attack detection) can improve your network security if enabled. To ensure your network isn’t jeopardized, always audit events generated by Boundary Protection Rules. This way you can understand how all of your applications are getting affected.

Not all genuine applications are developed with maximum security concerns and may appear as if they are executing the same behavior as malware. By observing the Safety Check Report, you can add security exclusions for genuine applications and apply Boundary Protection Rules to your network, without slowing down endpoint performance.

Whenever a boundary protection rule is violated, an alert will be sent to the administrator. You can configure the Alert Settings for multiple recipients, as per your requirements. To ensure maximum protection, you need to deploy a full eScan Enterprise EDR license, which lets you use the full capabilities of EDR including Monitoring, Statistics, and workflows available in the eScan Enterprise EDR.

The eScan dashboard will display complete EDR activity across your network. You can also download and export the EDR reports to observe actions taken by Boundary Protection Rules.

Selected Features

Threat Analysis

All event logs are stored at a secured server and analyzed further for threats based on the malware type and corruption. They are checked against rule-based policies and regulations, then identified and categorized for security threat nature and level.

Block executable content from email client and webmail

This rule blocks the executables and script files that autorun quickly after opening an email.

  • Executable files (such as .exe, .dll, or .scr)
  • Script files (such as a PowerShell .ps, Visual Basic .vbs, or JavaScript .js file)

Data Leak Prevention

eScan empowers enterprises with advanced features for identifying and securing all critical data at rest or in motion.

It minimizes the risk of data loss with its advanced features for application and device control as well as data leak prevention at the Endpoint, Network, or Mail Gateway level.

eScan is equipped with features such as Block Port Scan attempt, USB Whitelisting, Disable Print Screen, Block File transfer through Messenger, Print Activity Management, File and Folder Protection, and Advanced two-way Firewall for managed endpoints.

Two Factor Authentication

Two-factor authentication (2FA) is an extra layer of security to make sure that users trying to gain access to the endpoints are legitimate users. An one-time password (OTP) will be sent to the user for logging in.