"Easy to use, blazingly fast, future-proof and exceptional customer support"
ENDPOINT DETECTION & RESPONSE (EDR)
EDR autonomously detects any suspicious activities emanating from or targeting endpoints in your network, such as laptops, desktops, servers or even smartphones, and actively responds to security threats.
Thanks to the extended use of Artificial Intelligence, the EDR solution preemptively protects your devices against new and unknown cybersecurity threats, a.k.a. zero-day exploits.
EDR detects suspicious network activity in a heartbeat. Infected devices are immediately quarantined to prevent the spread of damaging and dangerous malware.
With its central management console, you can get a complete overview of all detected events and implement an appropriate security strategy.
Stay ahead of hackers and cybercriminals ...
DETECT & RESPOND TO THREATS AUTONOMOUSLY
IBM Security QRadar EDR, provides full visibility into the infrastructure, allowing real-time queries to the endpoints, as well as extended searches with advanced data mining to discover dormant threats.
The system is powered by NanoOS, which provides an unprecedented level of detail for security analysts and a safety barrier that is extremely difficult to defeat by potential attackers.
Endpoint Security - FAQ
Traditional antivirus software uses a local database with known virus signatures and scans incoming files or code that is passing through your network and computers.When files and applications are flowing in and out of a computer, the antivirus software scans them to compare specific sets of code in the files against its own database. When code in a given file matches a signature in the antivirus database, the file is immediately isolated, blocked and removed.All software that runs on a computer will naturally place some load on that computer’s resources. Antivirus software is no exception to this rule. In order to protect a computer, the antivirus program has to perform a wide range of activities, such as opening files, reading data from the files, scanning the files and keeping its own database up-to-date.
EDR werkt anders. Het is een lichtgewicht programma, met nano-OS, dat op basis van Artificiële Intelligentie ALLE abnormaal gedrag zal herkennen en daar onmiddellijk actie op nemen. Voorbeeld: als een nog onbekende malware binnenkomt en deze wordt actief, dan zal de EDR onmiddellijk in actie komen en deze malware onmiddellijk stoppen. Wanneer een reeds aanwezige malware op de computer plots actief wordt (bijvoorbeeld een macro in een Word document), dan zal EDR) deze stoppen. Is er een abnormaal gedrag van een normale gekende applicatie? EDR zal het melden en actie nemen. Alle reporting gebeurt centraal en kan door een administrator gemonitord worden. Bovendien is er geen lokale database update nodig.
A good cybersecurity strategy necessitates the implementation of different solutions to effectively monitor and secure your organization’s computer equipment.
ReaQta EDR also has (optionally activated) a classic Anti-virus engine on board.
Definitely a supplement.
Besides malware detection for email and web traffic, Premium Cloud Content scanning offers many other features such as advanced URL filtering, safe browsing, SSL inspection, transparent proxy capabilities, spam detection and much more.
Installing EDR is very easy and straightforward. A unique executable file is created for each customer and partner. This file can then be distributed and installed on computers and Android devices as usual.
Het beheer gebeurt volledig centraal via de EDR management interface voor alle systemen bij eenzelfde klantomgeving.
Yes, EDR has a so-called active mode. This means its most essential detection mechanisms are activated by default in order to provide immediate protection and reporting capabilities out of the box.
EDR also provides a detection mode, which allows system administrators to observe network behavior and add rules based on their findings.
Het EDR systeem werkt onmiddellijk autonoom vanaf de eerste actieve cliënt
Fine-tuning is always possible. After an evaluation period, system administrators will be able to add extra rules per customer with great ease.
Yes, this is one of the very handy and powerful tools to deploy EDR. Via simple commands you can "interrogate" the endpoints as well as take immediate action. Consider, for example, investigating whether certain (unwanted) programs are active or installed on a computer.
Omwille van de grote vraag om EDR aan het AXS Guard gamma toe te voegen is de huidige EDR nog een volledig zelfstandige oplossing met een aparte management interface.
Our choice for ReaQta EDR is also inspired by the fact that as an OEM partner we can fully integrate it into the AXS Guard Cloud platform as desired.
We propose a POV - Proof Of Value in which we activate EDR on 4 systems and together monitor what is happening for about a month.
EDR versus classic ANTI-VIRUS
Traditional antivirus software bases its actions on what it already knows. To this end, it maintains a list of known virus and malware signatures in a central database, which is automatically updated through the vendor.
If a virus comes along and matches a signature in the database, the software will notify the user and block the threat.
Through the years, the list of virus signatures has grown considerably. The frequent software updates which are required to keep computers and devices protected often result in slower performance. System loads are much heavier because every file, email or process must be scanned in real time.
Antivirus software as we know it today, while useful, is kind of outdated.
Unlike traditional antivirus software, EDR does not base its actions on a database of virus definitions, but uses AI to actively detect suspicious activities within your network. If such activity is detected, EDR will immediately quarantine and neutralize the threat to prevent it from spreading to other devices.
EDR is capable of detecting the most sophisticated cybersecurity threats in real time, whether they reside in memory, are hidden within existing system binaries or use other advanced software intrusion techniques.
Track cybersecurity threats from start to finish. NanoOS continues to collect data even when an endpoint has been severely damaged or crippled.
Provides a full and real-time overview of your infrastructure and leaves no room for attackers with EDR's powerful Threat Hunt interface.
Customize security policies to meet your business requirements.
Fully automate security monitoring for the critical parts of your network infrastructure and keep your equipment safe without human intervention, 24/7 .
Cyber Assistant, a new and active component of ReaQta-Hive built to autonomously handle alerts and alleviate alert fatigue by reducing false positives by more than 80%.