ClearSkies™ Endpoint Detection & Response (EDR) Agent Version 6.1

Overview

ClearSkies™ NG EDR Agent v6.1 is a comprehensive Endpoint Detection & Response solution, fully integrated with ClearSkies™ SaaS NG SIEM. It complements the detection and prevention of never-before-seen targeted attacks and insider threats with the use of Behavioral Monitoring and Analysis (BMA) and by leveraging Advanced Security Analytics complemented by Threat Intelligence and signature-based detection.

What’s New

  • Next-Gen Behavioral Monitoring and Analysis
  • Integrated Threat Intelligence
  • Application Control Automated
  • Response Actions

New Features

Several major new features and enhancements are introduced in this new ClearSkies NG Endpoint Detection & Response (EDR) Agent version 6.1:

Automated Response Actions

Simulated Block

The Agent can be configured to conduct a simulated block of suspicious events/activities that may be judged as normal in the individual use context.

Block

The Agent effectively blocks events that have been verified as malicious before they actually occur.

Quarantine

The Agent isolates events verified as malicious in a protected location on the endpoint. These malicious events can be reviewed at any time in the ClearSkies™ NG EDR “Vault” panel of the Agent’s system tray, or by accessing the “Endpoint” Service Module of the ClearSkies™ Secure Web Portal.

Automated actions and responses per activity

TYPE OF ACTIVITY ACTION RESPONSE
Suspicious Simulated Block Alert or Alert & Incident
Malicious Simulated Block

Block

Quarantine

Alert or Alert & Incident

Signature-Based Analysis

The Agent complements the detection and prevention of never-before-seen targeted attacks and insider threats with the use of Behavioral Monitoring and Analysis (BMA) and by leveraging Advanced Security Analytics complemented by Threat Intelligence and signature-based detection.

Application Control

The Agent grants full control over which applications on critical workstations and servers may run or not. This handy feature eliminates unknown/undesirable applications on your hosts that may compromise security and impact resource availability.

Operational Status and Configuration Interface

The Agent includes a system tray (or “systray”) icon found on the Microsoft Windows operating system environments taskbar, which allows for the review of operational status and configuration parameters.

Real-Time Visibility of Suspicious and/or Malicious Activities

With the use of Windows notifications, the Agent informs endpoint users in a case of detection of malicious and/or suspicious activities on the endpoint.

  • Next-Gen Behavioral Monitoring and Analysis
  • Integrated Threat Intelligence
  • Application Control
  • Automated Response Actions
Version
6.1

Continue Exploring

Endpoint

December 13, 2023
This release of Endpoint Detection & Response (EDR) includes enhancements that strengthen detection, response, and therefore visibility of cyber, insider, and third-party threats using Behavioral Monitoring and Analy…
+ Read More

Endpoint

March 29, 2023
This version release of ClearSkies™ EDR includes features and enhancements which empower the detection and response of cyber, insider and third-party threats by utilizing Behavioral Monitoring and Analysis (BMA) which le…
+ Read More

Endpoint

October 26, 2022
This version release of ClearSkies™ EDR includes features and enhancements which empower the detection and response of cyber, insider and third-party threats by utilizing Behavioral Monitoring and Analysis (BMA) which le…
+ Read More
Demo request

See it in action!

Request a live demo from our representatives to experience the value of ClearSkies™.

talk-to-an-expert-3
An Odyssey Product

ClearSkies™ is an Odyssey product included in Gartner’s 2024 Magic Quadrant for SIEM.