ClearSkies™ Endpoint Detection & Response (EDR) Agent Version 6.3

Overview

ClearSkies™ NG EDR Agent v6.3 is a comprehensive Endpoint Detection & Response solution, fully integrated with ClearSkies™ SaaS NG SIEM. It complements the detection of and response to never-before-seen targeted attacks and insider threats by using Behavioral Monitoring and Analysis (BMA) and by leveraging Advanced Security Analytics, complemented by Threat Intelligence and signature-based detection.

What’s New

  • Detection of missing/recommended security patches as well as related vulnerabilities that could impact the integrity and availability of information assets
  • Automatic updating of policy changes and related updates using an encrypted tunnel when working remotely
  • Collection and analysis of SQL Trace (Audit) Events
  • Correlation of DHCP log and event data within UEBA
  • And many more that improve effectiveness and user experience…

Enhancements

This version of the ClearSkies™ NG Endpoint Detection & Response (EDR) Agent, 6.3, introduces several major enhancements:

Behavioral Analysis Tool/Application

  • Redesigned and upgraded graphical user interface
  • Watchdog service enhancement/upgrade:
    • Improved detection capability through refined Sysmon configurations
    • Performance enhancements
  • File Integrity Monitoring (FIM) enhancements:
    • Redesigned and upgraded graphical user interface
    • No file count and file size restrictions
    • Capability to monitor entire drive volumes
    • Improved performance

Management Tool/Application

  • Redesigned and upgraded graphical user interface:
    • New overview page illustrating important metrics
    • Global iCollector and Incident/Alert settings can now only be configured in the ‘Policies’ page
    • Policies can now only be scheduled in the ‘Policies’ page
    • Versions can now only be scheduled in the ‘Schedules’ page
    • Schedules can now be deleted
    • Endpoints that lose communication with the iCollector for more than 30 days are automatically removed; they can reappear when they become active
  • New information on logsource prerequisites is now displayed in the agent policy configuration screen

General

  • Log and event data forwarding to the iCollector using SFTP now uses higher compression:
    • The Agent compresses and forwards log and event data via SFTP to the iCollector for improved performance and bandwidth utilization
  • Redesign of the Agent’s services architecture:
    • The Agent's logsource collection and other functionality are now contained in multiple services, for improved service integrity and performance

Bug Fixes

This version resolves a number of identified stability and performance issues.

Version
6.3

An Odyssey Product

ClearSkies™ is an Odyssey product included in Gartner’s 2024 Magic Quadrant for SIEM.