Fidelis Endpoint®: A Technical Deep Dive

White Paper

Summary

Advanced EDR features for unmatched detection, hunting, and response capabilities

Fidelis Endpoint® is designed for mature security operations seeking expert-level visibility, advanced detection and investigation features, open threat intelligence feeds, and automated playbooks and scripts for detection and response against known and unknown advanced cyber threats. It enables organizations to prevent, detect, hunt, respond to and resolve security incidents quickly and effectively.

Read this paper to learn about:

  • Enabling process blocking by hashes or YARA rules, independent of the installed AV engine, for maximum prevention
  • Collecting first-time-seen executable files and scripts for analysis, plus months of process and event metadata for real-time and retrospective analysis with open threat intelligence feeds
  • Cutting down the investigation workflow with automatic collection and correlation of related events, processes and files, plus advanced queries with Boolean logic to detect and hunt
  • Automating response processes such as endpoint isolation, memory analysis and forensic collection

With Fidelis Endpoint, organizations gain the visibility, context and automation needed to identify attacks as they happen and prevent them from becoming breaches, on and off grid. This enables security teams to quickly focus on the incidents that matter and respond swiftly with playbooks and scripts. Once a suspected incident is validated, the involved endpoints can be automatically isolated while allowing investigations and response to return endpoints to a known good state.

This overview explains the key features of Fidelis Endpoint for advanced endpoint detection and response (EDR) with an open choice for endpoint protection platform (EPP) capabilities.
