Fidelis Cybersecurity Boosts Detection and Shortens Response and Resolution Times for Security Incidents with Real-time Attack Visualization and Monitoring for Endpoint Devices
Fidelis Endpoint 6.1 helps security professionals zero in on malicious activity with new rapid detection capabilities and time-saving tools that automatically validate and respond to suspicious threats.
Fidelis Cybersecurity, the leading provider of solutions for detecting and stopping advanced cyberattacks, announces new time-saving features, enhancements and usability improvements to its Fidelis Endpoint™ product. Fidelis Endpoint 6.1 shortens the time to investigate and resolve security incidents and provides real-time insights into attackers when they infiltrate your endpoints and hide in your environment.
“The attacks are happening on laptops, servers and other endpoints. Immediate and long-term visibility is critical when it comes to limiting the damage attackers can do. With Fidelis Endpoint, security teams can immediately and retrospectively detect suspicious activity across endpoints and get one-click access to the related information they need to understand and act on that alert.”
Fidelis Cybersecurity Senior Vice President of Products Brian Karney
Highlights of the enhancements in Fidelis Endpoint 6.1 include:
- Real-Time Event Monitoring: The introduction of new centralized event monitoring provides real-time detection and visibility into what is happening on endpoints across the enterprise. With this release, Fidelis Endpoint now continuously records and streams key endpoint activities including file, process, registry, network, URL and DNS into a centralized event repository. In addition to improved detection, the historical event data holds valuable clues that let you trace an alert back to its original source. When you get new intelligence from Fidelis or your threat intelligence services, you can apply it to the historical events to detect if you’ve been compromised in the past.
- Enhanced Detection Engine: A new detection engine built on top of the centralized event monitoring system provides real-time threat detection. Detections are driven by a growing set of behavioral rules — also known as indicators of attack and powered by the Fidelis Threat Research Team — that can be configured to take automated actions, such as tagging for later review, isolating the machine, or acquiring RAM. The new detection engine supports third party/custom indicator feeds and has the ability to create custom behavior rules.
- Event Driven User Interface: When an attack occurs, a new event-driven user interface provides an interactive play-by-play view that shows how the incident unfolded so security teams can take appropriate action to resolve the issue. Users can also filter through data and quickly tag an event, see similar events, or easily create an alert rule when they discover something malicious to drive future and retrospective detections.
- Fidelis Network® Integration: The introduction of event monitoring enhances the product’s integration with Fidelis Network. Now, when Fidelis Endpoint receives an alert from Fidelis Network, it automatically queries the event repository to determine what took place and validate the alert. Results are returned within seconds, and an alert rule is dynamically created to watch across other systems for the endpoint activity that triggered the Fidelis Network alert.
- Script Support for All Jobs: All jobs are now executed using the peer-to-peer script engine, which enables users to perform queries/jobs and receive results in near real-time across hundreds of thousands of endpoints.
- Enhanced Endpoint Context: Users can now quickly access additional context about endpoints of interest. This lets users quickly see who is currently logged into a system, the host name, IP address, OS, event data associated with a specific endpoint and the job history for a particular endpoint – all in one location.
“Until this release, users have been forced to choose between vendors who had optimized their endpoint products for query speed or real-time threat detection from centralized events, or endpoint forensics,” says Fidelis Cybersecurity Chief Technology Officer Kurt Bertone. “Fidelis Endpoint 6.1 is the first and only endpoint detection and response product with an architecture optimized to support all three of these use cases in a single product.”
About Fidelis Cybersecurity
Fidelis Cybersecurity combats the full spectrum of cyber-crime, data theft and espionage. A leading provider of threat detection, hunting and response solutions, Fidelis provides full visibility across hybrid environments, automates threat and data theft detection, empowers threat hunting, and optimizes incident response with context, speed and accuracy. Fidelis is trusted by Global 1000s and Governments as their last line of defense.
The Fidelis Elevate® platform captures rich metadata from across the threat landscape and combines that content to enable real-time and retrospective analysis, giving security teams the platform to effectively hunt for threats in their environment.
For more information go to www.fidelissecurity.com. Fidelis Cybersecurity is a portfolio company of Skyview Capital.