ClearSkies™ Endpoint Detection & Response (EDR) Agent Version 6.3

Overview

ClearSkies™ NG EDR Agent v6.3 is a comprehensive Endpoint Detection & Response solution, fully integrated with ClearSkies™ SaaS NG SIEM. It complements the detection of, and response to, never-before-seen targeted attacks and insider threats by using Behavioral Monitoring and Analysis (BMA) and by leveraging Advanced Security Analytics, complemented by Threat Intelligence and signature-based detection.

What’s New

  • Detection of missing/recommended security patches as well as related vulnerabilities that could impact the integrity and availability of information assets
  • Automatic updating of policy changes and related updates using an encrypted tunnel when working remotely
  • Collection and analysis of SQL Trace (Audit) Events
  • Correlation of DHCP log and event data within UEBA
  • And many more that improve effectiveness and user experience…

Enhancements

Version 6.3 of the ClearSkies™ NG Endpoint Detection & Response (EDR) Agent introduces several major enhancements:

Behavioral Analysis Tool/Application

  • Redesigned and upgraded graphical user interface
  • Watchdog service enhancement/upgrade:
    • Improved detection capability through refined Sysmon configurations
    • Performance enhancements
  • File Integrity Monitoring (FIM) enhancements:
    • Redesigned and upgraded graphical user interface
    • No file count and file size restrictions
    • Capability to monitor entire drive volumes
    • Improved performance

Management Tool/Application

  • Redesigned and upgraded graphical user interface:
    • New overview page illustrating important metrics
    • Global iCollector and Incident/Alert settings can now only be configured in the ‘Policies’ page
    • Policies can now only be scheduled in the ‘Policies’ page
    • Versions can now only be scheduled in the ‘Schedules’ page
    • Schedules can now be deleted
    • Endpoints that lose communication with the iCollector for more than 30 days are automatically removed; they can reappear when they become active again
  • New information logsource prerequisites are now displayed in the agent policy configuration screen

General

  • Log and event data forwarding to the iCollector using SFTP now uses higher compression:
    • The Agent compresses and forwards log and event data via SFTP to the iCollector for improved performance and bandwidth utilization
  • Redesign of the Agent’s services architecture:
    • Logsource collection and other Agent functionality are now contained in multiple services, for improved service integrity and performance

Bug Fixes

This version resolves a number of identified stability and performance issues.

Version
6.3

An Odyssey Product

ClearSkies™ is an Odyssey product included in Gartner’s 2021 Magic Quadrant for SIEM.