SECURE365's Advanced Endpoint Protection (AEP) and Managed Detection & Response is a game-changing, validated approach that offers the world’s only active breach protection that renders ransomware, malware and cyber-attacks useless.
| EPP Capabilities | SECURE365 SERVICE | CROWDSTRIKE |
|---|---|---|
| Signature-based anti-malware protection | Yes | Yes |
| Machine learning/algorithmic file analysis on the endpoint | Yes | Yes |
| Machine learning for process activity analysis | Yes | No |
| Process isolation | Yes | Yes |
| Memory protection and exploit prevention | Yes | Yes |
| Protection Against Undetected Malware | Yes | No |
| Application whitelisting | Yes | Yes |
| Local endpoint sandboxing/endpoint emulation | Yes | No |
| Script, PE, or fileless malware protection | Yes | Yes |
| Integration with on-premises network/cloud sandbox | Yes | Yes |
| Real-time IoC search capabilities | Yes | Yes |
| Retention period for full access to data | No limit | 1 month |
| Endpoint Firewall | Yes | Yes |
| FW Learning Mode | Yes | No |
| Automatically creates network traffic rules | Yes | No |
| URL Filtering | Yes | Yes |
| Host Based IPS | Yes | Yes |
| USB device Control | Yes | Yes |
| Full Device Control (Device Control based on Device Class product ID, Vendor ID and Device Name) | Yes | Yes |
| Agent self-protection/remediation or alerting when there is an attempt to disable, bypass, or uninstall it | Yes | Yes |
| Ransomware protection | Yes | Yes |
| Protect/block ransomware when "Offline" or "Disconnected" from the internet? | Yes | No |
| VDI support | Yes | Yes |
| Manage, and maintain, an application control database of known "trusted" applications? | Yes | Yes |
| Multi-tenant cloud based service | Yes | Yes |
| EPP management console available as an on-premises virtual or physical server/application | Yes | Yes |
| Consolidated EPP management console to report on, manage, and alert for Windows macOS clients and mobile | Yes | Yes |
| Data loss prevention | Yes | Requires Additional Product(s) |
| Mobile Device Management | Yes | Requires Additional Product(s) |
| Mobile threat Defense | Yes | Requires Additional Product(s) |
| Vulnerability and patch management | Yes | Requires Additional Product(s) |
| Network/Cloud sandboxing | Yes | No |
| Security Orchestration, Analysis and Response (SOAR) Integration | Yes | Yes |
| Network discovery tool | Yes | No |
| Remote Access | Yes | Requires Additional Product(s) |
| Remote scripting capabilities | Yes | Requires Additional Product(s) |
| Default Deny/Containment | ||
| Default Deny Security with Default Allow Usability | Yes | No |
| Run unknown files with Auto Containment Protection | Yes | No |
| Create Virtual environment for any unknowns | Yes | No |
| Virtualize file system, registry, COM on real endpoints | Yes | No |
| EDR | ||
| Telemetry (observables) | Yes | Yes |
| Interprocess Memory Access | Yes | Yes |
| Windows/WinEvent Hook | Yes | Yes |
| Device Driver Installations | Yes | Yes |
| File Access/Modification/Deletion | Yes | Yes |
| Registry Access/Modification/Deletion | Yes | Yes |
| Network Connection | Yes | Yes |
| URL Monitoring | Yes | Yes |
| DNS Monitoring | Yes | Yes |
| Process Creation | Yes | Yes |
| Thread Creation | Yes | Yes |
| Inter-Process Communication (Named Pipes, etc) up to this | Yes | Yes |
| Telemetry data itself can be extended in real time | Yes | No |
| Event chaining and enrichment on the endpoints | Yes | No |
| Detection/Hunting/Reporting | ||
| Adaptive Event Modelling | Yes | No |
| Behavioral analysis (e.g. analysis over active memory, OS activity, user behavior, process/application behavior, etc.) | Yes | No |
| Static analysis of files using capabilities such as machine learning (not including signature based malware detection) | Yes | Yes |
| Time-series analysis | Yes | No |
| Integration with automated malware analysis solutions (sandboxing) | Yes | No |
| Threat Hunting interface or API for searching with YARA/REGEX/ElasticSearch/IOC | Yes with Yara | IOC and Regex only |
| Support for matching against private IOC | Yes | Yes |
| Threat Intelligence integration (TIP, upload, webservice connector, etc) to enrich and contextualize alerts | Yes | Yes |
| Linking telemetry (observable data) to recreate a sequence of events to aid investigation | Yes | Yes |
| Process/attack visualization | Yes | Yes |
| Incident Response Platform (IRP) or orchestration integration? | Yes | Yes |
| Vulnerability reporting (ex. reporting on unpatched CVEs) | Yes | Yes |
| Alert prioritization based on confidence, able to define thresholds for alerting. | Yes | Yes |
| Alert prioritization factors system criticality | Yes | Yes |
| Able to monitor risk exposure across environment organized by logical asset groups | Yes | Yes |
| Reporting interface identifies frequent alerts that may be appropriate for automating response | Yes | Yes |
| Response | ||
| Remote scripting capabilities | Yes | No |
| Quarantine and removal of files | Yes | Yes |
| Kill processes remotely | Yes | Yes |
| File retrieval | Yes | Yes |
| Network isolation | Yes | Yes |
| Filesystem snapshotting | Yes | Yes |
| Memory snapshotting | Yes | Yes |
| MDR | ||
| Managed endpoints | ||
| Manage customer endpoints and policies | Yes | No |
| Incident Investigation & Response | Yes | No |
| Preemptive containment | Yes | No |
| Application profiling (AI support) | Yes | Yes |
| Customizable policy creation | Yes | No |
| Central monitoring of all endpoints | Yes | No |
| Live remote inspection | Yes | No |
| Tuning of monitoring rules for reduction of false positives | Yes | No |
| Forensic analysis | Yes | No |
| Managed network | ||
| Cloud-based SIEM and Big Data Analytics | Yes | No |
| Log data collection/correlation | Yes | No |
| Threat intelligence integration | Yes | No |
| Network profiling (AI support) | Yes | No |
| Available as virtual or physical | Yes | No |
| Integrated file analysis (cloud sandbox) | Yes | No |
| Full packet capture | Yes | No |
| Protocol analyzers for 40+ different protocols such as TCP, UDP, DNS, DHCP, HTTP, HTTPS, NTLM, etc. w/full decoding capability | Yes | No |
| Managed cloud | ||
| Includes ready-to-use cloud application connectors for: | ||
| Azure | Yes | Yes |
| Google Cloud Platform | Yes | Yes |
| Office 365 | Yes | Yes |
| AWS | Yes | Yes |
| Threat detection for cloud applications | Yes | No |
| Log collection from cloud environments | Yes | No |
| Generating actionable incident response from cloud application | Yes | No |
| Threat intelligence and Verdict | ||
| Holistic security approach Combined network, endpoint, cloud | Yes | No |
| Internal security sensor logs (IOCs) | Yes | Yes |
| Expert Human Analysis | Yes | No |
| ML & Behavioral Analysis and Verdict | Yes | Yes |
| Open source threat intelligence feeds | Yes | No |
| Information sharing with industry | Yes | Yes |
| Clean web (phishing sites, keyloggers, spam) | Yes | Yes |
| Deep web (C&C servers, TOR browsers, database platform archives—pastebins) | Yes | Yes |
| Cyber Adversary Characterization | Yes | No |
| Security operations center (SOC) | ||
| Global, real-time support (24 / 7 /365) | Yes | Yes |
| Dedicated cybersecurity experts | Yes | No |
| Breach (case) management | Yes | No |
| Security monitoring | Yes | No |
| Incident analysis | Yes | No |
| Incident response (handling) | Yes | No |
| Extensive threat hunting (scenario-based) | Yes | No |
.svg)
World’s first pro-active and reactive platform providing managed cybersecurity services at a fraction of the price anywhere and anytime you need it.
.png){kind=small}
