NG Endpoint Agent Detection & Response

Today’s sophisticated cyber threats require more than traditional antivirus protection.

Deploy ClearSkies™ Endpoint Detection & Response (EDR) Agent on your critical workstations or servers, on-premises and/or in the cloud, to:

 Gain real-time visibility

 Stop data leakage

 Block malware, 0-day exploits and APTs

 Detect abnormal user, network and host behavior

  Know Who did What from Where and When

 Enhance/simplify your compliance and auditing requirements

Block malware from entering YOUR network and stop data leakage!

   No Signature-based detection
Blocks threats with real-time behavior analysis

   No Performance degradation
Does not drain system resources

   No Security Expertise required
Deploys without complex configuration

   No Connectivity required
Works even when workstations/servers are offline

Ready to protect your critical workstations and servers? Talk to us today!

How it Works
(Who did What from Where and When)

Using User & Entity Behavior Analysis (UEBA), the Agent constantly monitors policy violations, configuration files, key system files, critical files/folders, network activity and running processes, for the early detection of malicious activities and/or suspicious behaviors, which could lead to data leakage, system compromise or system performance degradation.
Upon detecting such activity, the Agent triggers a number of “Response Actions” based on the classification of the activity and the sensitivity of the Behavioral Analysis Mood applied to the user/group in question. The end result is knowing Who did What from Where and When, in a timely manner.

ClearSkies™ NG Endpoint Detection & Response (EDR) works on workstations and servers either standalone or integrated into ClearSkies™ NG SIEM-as-a-Service.

MAIN FEATURES

Blocking and Isolation of Suspicious/Malicious Activities

Constantly monitors suspicious and/or malicious behavior and activity for the detection and response to external attacks and insider threats.

Facilitation and Validation of Regulatory Compliance

Facilitates and demonstrates mandatory regulatory compliance and auditing requirements prescribed by PCI DSS, ISO 27001, SWIFT, HIPAA, FISMA and GDPR, in an efficient and cost-effective manner.

User Activity Monitoring

Performs comprehensive user activity and behavioral monitoring and analysis in the form of intuitive visuals of actionable information, facilitating the timely and effective response to potential threats.

File Content Modifications

Continuously monitors privileged users’ activity with respect to changes made to user-defined sensitive and key system files/folders.

Real-Time Visibility

Enables round-the-clock real-time visibility of your security posture, helping you with your decision-making process when strategically planning your internal defenses against emerging threats and vulnerabilities.

Built-In Threat Intelligence

Accelerates the detection of and response to emerging threats and vulnerabilities with the integration of various Threat Intelligence feeds, presented in the form of Indicators of Compromise (IoC).

Ease of Use

Simplifies the deployment, configuration, reporting and updating of a large number of Agents with its built-in central administration and management capabilities. Agents may be deployed rapidly through deployment solutions such as SCCM, or through an Active Directory Group Policy.

“Detect and stop suspicious and malicious user behaviors which would go unnoticed by traditional Antivirus.”

KEY BENEFITS

Behavioral Analytics – User & Entity Behavior Analysis (UEBA)

With the use of User & Entity Behavior Analysis (UEBA), collected log and event data is analyzed to predict suspicious and/or malicious activity, which would otherwise go unnoticed by traditional Antivirus Endpoint Agents.

Malware, APTs and 0-day Detection

Constantly monitors the integrity of key system configuration files, key system files, critical files/folders, network activity and running processes, enabling the detection of and response to malware, APTs and 0-day exploits.

File Integrity Monitoring (FIM)

Tracks privileged users’ access activity, including content modifications, for user-defined sensitive/critical files/folders by account name and/or process, recording when these files and/or folders were Accessed, Created, Viewed, Modified or Deleted.

Incident Management

With its own built-in ticketing system, it helps you to promptly, efficiently and effectively monitor, classify and manage “Incidents” which may pose a threat to the confidentiality, integrity and availability of your information assets.

Unauthorized Network Traffic

Continuously monitors and analyzes incoming and outgoing network traffic, which leads to the prompt detection and prevention of malicious/suspicious network activity including communication with malicious sites (e.g. botnets, malware, spam, phishing).

Reporting

Helps you generate both scheduled as well as ad-hoc reports, using either predefined or user-defined report templates. Reports can be exported in CSV and PDF formats, and may be scheduled to be sent automatically to selected email recipients.

Policy enforcement

Supports the white-listing (exclusion from monitoring) of specific applications, thus preventing False Alerts from being raised.

Maintenance

Effectively supports your organizational maintenance and/or monitoring operations with its built-in maintenance scheduling on workstations and servers. Installation and configuration of security and recommended vendor updates/fixes can be configured to be performed within a predefined date/time window by a trusted source, thus preventing False Alerts from being raised.

Free Version

The free version of ClearSkies™ NG Endpoint Detection & Response (EDR) Agent focuses on collecting, in real time, log and event data related to operating system, application and network activities for real-time visibility, and it may be deployed on all workstations and servers.
