Defensys has introduced an updated version of its Defensys Endpoint technology for data collection, detection and response on endpoints. Among the key changes is an increased number of integrations with other Defensys products. The vendor has also improved event collection and added new response techniques.
The Defensys Endpoint technology extends the functionality of other technologies and offers additional advantages for users. With Defensys Endpoint, each user can conduct a detailed asset inventory, detect threats and respond directly on endpoints. Users can now also automatically conduct a technical audit of all popular operating systems according to cyber security standards.
Thanks to these innovations, Defensys Endpoint can be used as a sensor for IoC detection on servers and user workstations in the company’s infrastructure. Users can now receive events independently of the configuration of other security systems and regardless of the node’s location, inside or outside the organization. The feature was added as a result of integration with the Defensys TIP.
In addition, the developer created a new integration with the Defensys SGRC Platform, which allows users to conduct a technical audit of the node according to legislation and the chosen security level. This way you can check that both operating system and application software settings are correct and optimal, and make sure the node complies with the requirements.
One more important update is improved event collection from Linux systems. In particular, Defensys updated the Endpoint technology by adding centralized management of cyber security policies for event collection on nodes. This could be especially useful for systems with complicated cyber security audit settings and for systems where incomplete data does not allow a high-quality investigation.
A range of other functional changes relates to the increased number of response techniques. With these, users are able to send files from nodes to any system with a POST/PUT HTTP interface, for example to a sandbox. Defensys Endpoint currently has centralized file search by hash sum. This helps to identify other affected nodes quickly and effectively and to prevent further spread of threats in the company.
“The Defensys Endpoint is a significant tool for building complex security in the organization. Using the Defensys Endpoint, customers can not only quickly respond to an incident, but also expand the visibility of many events occurring in the system, including users’ actions, file modifications, the start of different processes, and others. Thereby, the Defensys Endpoint helps to detect anomalies and potential threats that can be missed by other security systems. We’re sure this technology is irreplaceable for better cyber security in the organization; that’s why we continue to develop it as one of the key components,” commented Andrey Chechetkin, Deputy CEO at Defensys.