107 results
Cybersecurity application for IT administrators to prevent data breaches, covering a suite of devices, networks, and applications. Learn more about ESET Endpoint Security
ESET Endpoint Security software is a cloud-based and on-premises application for internet security and malware protection. It has a global user base that comprises businesses of every size. Cloud sandbox technology enables users to protect their mobile devices, laptops, and desktops against ransomware, zero-day attacks, and data breaches. It features file, bot, and mail protection, along with remote device management, virtualization security, firewall set-up, and web control. Learn more about ESET Endpoint Security

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
N-able EDR provides next-generation antivirus with behavioral AI threat detection and one-click remediation and rollback capabilities. Learn more about Endpoint Detection and Response
N-able Endpoint Detection and Response (EDR) helps MSPs prevent, detect, and respond to ever-changing cyberthreats. Powered by SentinelOne, N-able EDR provides next-generation antivirus with behavioral AI threat detection and one-click remediation and rollback capabilities. As an integrated feature of N-able N-central and N-able RMM, N-able EDR lets you gain full monitoring and management of your endpoint security, all from a single dashboard. Learn more about Endpoint Detection and Response

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
An endpoint detection and response solution that takes threat hunting, prevention, and remediation to the next level. Learn more about Heimdal Endpoint Detection and Response (EDR)
Heimdal Endpoint Detection and Response is a seamless EDR solution that consists of six of our top-of-the-line products working in unison to hunt, prevent, and remediate any cybersecurity incidents that might come your way. The products in question are Heimdal Threat Prevention, Patch & Asset Management, Ransomware Encryption Protection, Next-Gen Antivirus, Privileged Access Management, and Application Control. Learn more about Heimdal Endpoint Detection and Response (EDR)

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
DNS web content & security filter for business that blocks malware, ransomware and phishing + provides advanced web content control. Learn more about WebTitan
WebTitan is a DNS Based Web content filter and Web security layer that blocks cyber attacks, malware, ransomware and malicious phishing as well as providing granular web content control. WebTitan DNS filtering filters over 2 billion DNS requests every day and identifies 300,000 malware iterations a day. Try a free Trial of WebTitan today, full support included. Learn more about WebTitan

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Multi-vector protection against viruses and malware offering full protection against all of today's sophisticated malware threats. Learn more about Webroot Business Endpoint Protection
Multi-vector protection against viruses and malware offering full protection against all of today's sophisticated malware threats including Trojans, keyloggers, phishing, spyware, back-doors, rootkits, zero-day and advanced persistent threats. Built in Identity & Privacy Shield stops data being stolen or captured when using the Internet and the outbound firewall also stops malware stealing data. No need to worry about or run updates, cloud-driven security means endpoints are always up to date. Learn more about Webroot Business Endpoint Protection

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
The JumpCloud Directory Platform reimagines the directory as a complete platform for identity, access, and device management. Learn more about JumpCloud Directory Platform
JumpCloud is an open directory platform for secure, frictionless access from any device to any resource, anywhere. JumpCloud's mission is to Make Work Happen, providing simple, secure access to corporate technology resources from any device, or any location. The JumpCloud Directory Platform gives IT, MSPs, VARs/Distributors, security operations, and DevOps a single, cloud-based solution to control and manage employee identities, their devices, and apply Zero Trust principles. Learn more about JumpCloud Directory Platform

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Trusted by 92 of the Fortune 100, Splunk helps you investigate, monitor, analyze, and act on all of your organization's data. Learn more about Splunk Enterprise
Trusted by 92 of the Fortune 100, Splunk is a customizable data analytics platform that empowers you to investigate, monitor, analyze and act. From IT to security to business operations, Splunk is the data-to-everything platform that enables you to take action in real-time. With Splunk, you can predict and prevent IT problems, streamline your entire security stack, minimize unplanned downtime, and explore and visualize business processes for increased transparency all in one platform. Learn more about Splunk Enterprise

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Threat detection and response backed by an in-house 24/7 SOC, no annual contract required. Learn more about ConnectWise SIEM
ConnectWise SIEM (formerly Perch) offers threat detection and response backed by an in-house Security Operations Center (SOC). Defend against business email compromise, account takeovers, and see beyond your network traffic. Our team of threat analysts does all the tedium for you, eliminating the noise and sending only identified and verified threats to action on. Built with multi-tenancy, ConnectWise SIEM helps you keep clients safe with the best threat intel on the market. Learn more about ConnectWise SIEM

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Identify and resolve APTs, fileless malware and zero-day attacks across all your assets, 100% remotely deployed and managed MDR option. Learn more about Infocyte
Ideally suited for mid-market to enterprise organizations and MSP/MSSPs whose cybersecurity teams manage networks with hundreds, thousands, and hundreds of thousands of nodes/endpoints. Over 50% of breaches are missed by existing cyber defense tools. Infocyte offers agentless install; you get identification, investigation and response to sophisticated fileless, in-live memory cyber attacks in minutes, so you can contain, remediate and recover quicker. Learn more about Infocyte

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Network performance monitoring and diagnostics tool that enables NetOps to analyse network traffic and troubleshoot network problems. Learn more about Flowmon
Flowmon is a professional tool for effective network troubleshooting, performance monitoring, capacity planning, encrypted traffic analysis and cloud monitoring. Instead of just the red/green infrastructure status, it helps NetOps teams to understand user experience while keeping the amount of data noise and analytical work to a minimum. The Flowmon solution is a part of the Kemp product portfolio. Learn more about Flowmon

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
A complete XDR solution complete with timely incident alerts, environment monitoring, and expert input that supports full compliance. Learn more about Heimdal eXtended Detection and Response (XDR)
Heimdal eXtended Detection and Response is a fully compliant XDR solution supported by a live team of experts who are always on top of your cybersecurity needs. A centralized monitoring and incident response hub, it is your one-stop-shop for fast attack or infection alerts, policy validation, environment observation, and appropriately delivered responses to any type of cyber threat. Augment your digital defenses and acquire expert input on any scenario with Heimdal XDR today. Learn more about Heimdal eXtended Detection and Response (XDR)

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Jamf Threat Defense protects iOS endpoints from malicious attacks. Learn more about Jamf Threat Defense
As iPhone device usage grows in the enterprise, the need to secure them is even greater. Jamf Threat Defense protects your organization’s iOS endpoints from being compromised through mobile threat detection and zero-day phishing prevention. Learn more about Jamf Threat Defense

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Cloud-based Endpoint Detection and Response (EDR) with 72-hour ransomware recovery for Windows PCs, Windows servers and Linux servers.
Cloud-based Endpoint Detection and Response (EDR) with 72-hour ransomware recovery for Windows PCs, Windows servers and Linux servers. Rated #1 for ease-of-use to help businesses identify, analyze, and remediate threats on a unified platform. Learn more about Malwarebytes for Business

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Cybersecurity solution that provides licensing options to fit the protection needs of businesses, datacenters, and public cloud.
GravityZone is built from the ground up for virtualization and cloud to deliver business security services to physical endpoints, mobile devices, virtual machines in private, public cloud and Exchange mail servers. GravityZone Enterprise Security provides flexible licensing options to fit the protection needs of your offices, datacenters and public cloud. All security services are delivered from one virtual appliance to install on premise covering all endpoints across your environment. Learn more about Bitdefender GravityZone

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Cloud-based and on-premise platform that allows businesses to secure critical data with multi-factor authentication.
Enterprise access has been redefined by BYOD, mobility, and cloud services. Today's workers demand secure connectivity regardless of location: their desk can be in a car, a hotel room, at home, or at a café. Pulse Connect Secure is the result of 15 years of innovation and refinement which has led to the most reliable and feature-rich VPN built for the next generation. Learn more about Connect Secure

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Maintain complete endpoint visibility and inventory of all software with Automox's cloud-based platform.
Automox allows you to maintain complete visibility into the endpoints and software used in your organization's day-to-day operations, while also providing the information needed to manage patching, risk mitigation, and endpoint hardening decisions. With Automox, you'll have the ability to see all endpoints and applications from a single console which enables administrators to identify misconfigured systems, missing patches, or compliance issues. Learn more about Automox

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Multi-dimensional scanning and process interrogation technology that detects and removes spyware through consistent scans.
Multi-dimensional scanning and process interrogation technology that detects and removes spyware, malware and more through consistent scans and automated database updates. Learn more about SUPERAntiSpyware

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Chrome extension that protects from phishing, malware, removes pop-ups, and creates a safe browsing environment.
Chrome extension that protects from phishing, malware, removes pop-ups, and creates a safe browsing environment. Learn more about Guardio

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Microsoft 365 Defender enables businesses to stop attacks with automated, cross-domain security and built-in AI.
Microsoft 365 Defender stops attacks with automated, cross-domain security and built-in AI. As threats become more complex and persistent, alerts increase, and security teams are overwhelmed. Microsoft 365 Defender, part of Microsoft's XDR solution, leverages the Microsoft 365 security portfolio to automatically analyze threat data across domains, building a complete picture of each attack in a single dashboard. With this breadth and depth of clarity defenders can now focus on critical threats. Learn more about Microsoft 365 Defender

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Blackpoint Cyber continues to work hard to deliver an end-to-end, effective cybersecurity ecosystem to the MSP community.
Blackpoint Cyber offers the only world-class, nation state-grade cybersecurity ecosystem serving the MSP community. Headquartered in Maryland, USA, the company was established by former US Department of Defense and Intelligence cybersecurity experts. Blackpoint's True 24/7 Managed Detection and Response (MDR) service not only detects breaches earlier than any other solution on the market, but also provides an actual response rather than just an alert to keep your and your clients’ networks safe! Learn more about Blackpoint MDR

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Automated proximity-based 2FA authentication into computers and websites. Passwordless login and auto-lock PCs, Macs, and websites.
Touchless, automated proximity-based authentication into computers, websites, and software. Passwordless login and auto-lock PCs with a token. Authenticate with your presence and log in instantly with password autofill. No more locked out accounts. When the token moves out of range, GateKeeper automatically locks the computer. Be preventative against expensive and disruptive data breaches. Your password caddie for a password-free experience. Never go back to memorizing and typing passwords. Learn more about GateKeeper Enterprise

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Prevent macOS malware, detect Mac-specific threats, and monitor endpoints for compliance with Jamf Protect.
Jamf Protect provides a complete endpoint protection solution to maintain macOS compliance, prevent macOS malware, detect and remediate Mac-specific threats with minimal impact to the end-user experience. With known customizable prevention, intuitive dashboards, real-time alerts, and extensive reporting, all of which is designed only for Macs, you can be certain that your Mac fleet is well secured and you always have full visibility into your Apple computers. Learn more about Jamf Protect

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Provides the necessary synergy between people, process, and technology to truly deliver world-class cybersecurity today.
Continuously predict, prevent, detect, and respond to advanced threats efficiently and effectively by combining deep learning-enabled technology and a team of cybersecurity experts providing 24/7 monitoring, analysis, and incident response. Our managed platform approach to cybersecurity simplifies operations and reduces security gaps caused by standalone point products. Learn more about Netsurion Managed Threat Protection

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Apex One is an endpoint detection and response software designed to help businesses investigate threats and protect the system.
Apex One is an endpoint detection and response software designed to help businesses detect and investigate threats and protect the system against fileless and ransomware attacks. The platform offers a host-based intrusion prevention system (HIPS), which enables administrators to virtually patch vulnerabilities. Managers can detect the indicators and intent of attackers in real-time and manage threat responses on a unified interface. Apex One allows teams to identify and analyze the impact as we Learn more about Apex One

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Qualys Multi-Vector EDR - A new approach to EDR that shortens response times and reduces costs.
Traditional EDR solutions focus only on endpoint activity to detect attacks. Qualys brings a new multi-vector approach and the power of its Cloud Platform to protect the entire attack chain, from attack and breach prevention, to detection and response — all in a single, cloud-based app. Learn more about Qualys Cloud Platform

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
DataDome provides state-of-the-art protection against online fraud and bot attacks for mobile apps, websites and APIs.
DataDome protects mobile apps, websites and APIs from online fraud and bot attacks, including scraping, scalping, credential stuffing and account takeover, Layer 7 DDoS attacks and carding fraud. Our AI-powered bot detection engine processes more than a TRILLION pieces of data every day, from 25 worldwide points of presence, to protect the largest global e-commerce businesses in real time. Learn more about DataDome

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Endpoint protection solution that helps businesses monitor operating system activities to detect & clean suspicious or unknown threats.
Security management platform that provides web url filtering, antivirus engine, file auto-sandboxing, behavior analysis, and HIPS. Learn more about Comodo Endpoint Security Manager

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Falcon Insight delivers continuous, comprehensive endpoint visibility that spans detection, response and forensics.
CrowdStrike is the leader in cloud-delivered next-generation endpoint protection. CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus, endpoint detection and response (EDR), & a 24/7 managed hunting service all delivered via a single lightweight agent. Falcon Insight delivers continuous, comprehensive endpoint visibility that spans detection, response and forensics to ensure nothing is missed and to stop breaches. Learn more about Falcon

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Powered by automated detection and 24/7 human threat hunting, Huntress tracks down threats that evade antivirus solutions.
Huntress uses automated detection and 24/7 human threat hunting to track down threats that bypass most antivirus solutions, including persistent footholds which are often used by attackers to gain backdoor access into a network — undetected. Other services and features include Ransomware Canary file alerts, Managed Antivirus for Microsoft Defender, Host Isolation to stop the spread of critical attacks, External Recon for attack surface reduction, and Partner Enablement resources and support. Learn more about Huntress

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
The ultimate next-generation antivirus powered by market-leading threat intelligence, forensics, and firewall integration.
Heimdal Next-Gen Endpoint Antivirus is an NGAV solution designed to provide market-leading endpoint detection and response through local signature-based file scanning, sandbox and backdoor analysis, process and behavior-based examination, and real-time cloud inspection. It is the detection-oriented counterpart to our threat prevention offering, Heimdal Threat Prevention. Besides its EDR features, Heimdal NGAV comes with complete firewall integration, which will further secure your workstations. Learn more about Heimdal Next-Gen Endpoint Antivirus

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Protects PCs from all internet threats. It uses a four-layer prevention dual-engine to fight viruses and malware.
Protects PCs from all internet threats. It uses a four-layer prevention dual-engine to fight viruses and malware. Learn more about Emsisoft Anti-Malware

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Advanced malware protection solution that helps businesses secure endpoints, emails and web traffic across multiple platforms with cont
Advanced malware protection solution that helps businesses secure endpoints, emails and web traffic across multiple platforms with continuous tracking, malware prevention, sandboxing and more. Learn more about Cisco Secure Endpoint

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Machine learning & policy engine provide threat detection & response. Also used for threat hunting & automated security training.
Optimal mix of UEBA, Insider threat detection and response with machine learning and a policy engine, DLP with content inspection and automated response actions. Learn more about Jazz Platform

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
No matter where your data lives — on premise, cloud, hybrid, or SaaS — Metallic combines unmatched flexibility and proven security.
Protect, secure, recover. From the minds of Commvault—ten times a leader in the Gartner Magic Quadrant—Metallic is a SaaS portfolio for enterprise-grade backup and recovery, designed to protect your data from corruption, deletion, ransomware, and any other threat out there. No matter where your data lives — on premise, cloud, hybrid, or SaaS — Metallic combines unmatched flexibility with proven security and industry-leading Commvault technology. Learn more about Metallic SaaS Backup & Recovery

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
INKY is powered by computer vision and machine learning, making it the most effective solution in the fight against phishing.
INKY is powered by unique computer vision, artificial intelligence, and machine learning, making it the most effective solution in the fight against phishing. INKY uses advanced detection techniques and a unique banner technology to identify and block sophisticated phishing emails that legacy email systems cannot detect. INKY works with Microsoft O365, Exchange, and Google Workspace and on all mobile devices. Learn more about Inky

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Australia Local product
GorillaStack helps to automate real-time security remediation, managing backup lifecycles, and optimize cloud bills.
GorillaStack helps DevOps to get real time alerts and automate remediation for security. With automation, you can achieve compliance and governance across AWS and Azure Cloud easily. GorillaStack can also help to reduce your cloud bills and manage backups reliably. Learn more about GorillaStack

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
BeyondDLP Enables A Safe Data Experience: a unique & proactive Data Loss & Leakage Prevention solution to protect your data - anywhere.
ITsMine provides safety and protection to your shared and distributed work environment, along with regulatory compliance. ITsMine’s technology overcomes the major challenges and complexities of current data security solutions by automatically constructing “Safe Zones.” ITsMine is agentless, API-based, and can be deployed in approximately 30 minutes. Proactively protecting against internal and external threats, while covering data at rest, in motion, and in use. Inside and beyond the company. Learn more about Beyond DLP

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
A revolutionary, 100% signature-free component that provides market-leading detection and remediation of ransomware attacks.
Heimdal Ransomware Encryption Protection is an innovative and signature-free cybersecurity module with market-leading detection and remediation capacities that prevent any type of ransomware. This includes both fileless and file-based strains for complete, round-the-clock safety. It can detect any encryption attempt, even those that have no signatures or behavioral patterns. Our solution was built to be universally compatible with any antivirus, be it Heimdal’s own NGAV or something else. Learn more about Heimdal Ransomware Encryption Protection

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Cynet AutoXDR™ is a detection and response security platform specifically created for today's multi-faceted cyber-battlefield.
Cynet AutoXDR™ is a detection and response security platform specifically created for today's multi-faceted cyber-battlefield. Learn more about Cynet 360

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Axonius is a cybersecurity asset management platform used to strengthen security, IT operations, and risk management.
Axonius is the cybersecurity asset management platform that gives organizations a comprehensive asset inventory, uncovers security coverage gaps, and automatically validates and enforces security policies. By seamlessly integrating with hundreds of security, management, and IT solutions, Axonius deploys in hours (not weeks) to improve security and IT operations, threat and vulnerability management, incident response, and security posture assessment. Learn more about Axonius

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
The Cybereason Defense Platform combines managed endpoint prevention, detection, and response in one lightweight agent.
The Cybereason Defense Platform combines managed endpoint prevention, detection, and response in one lightweight agent. It delivers multi-layer endpoint prevention by leveraging signature and signatureless techniques to prevent known and unknown threats in conjunction with behavioral and deception techniques to prevent ransomware and fileless attacks. Defend against tomorrow's threats today. Learn more about Cybereason

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Cloud-based solution that provides deep endpoint visibility, AI-driven analytics, and workflow automation.
Cloud-based solution that provides deep endpoint visibility, AI-driven analytics, and workflow automation to streamline your cyber security activities. Learn more about Symantec Endpoint Detection and Response

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
FortiEDR provides automated endpoint protection, detection, and response against advanced attacks.
FortiEDR provides automated endpoint protection, detection, and response against advanced attacks. Learn more about FortiEDR

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
SOC Prime TDM is a SaaS community delivering threat detection content that can be used across various SIEM formats and EDR solutions.
SOC Prime Threat Detection Marketplace® (TDM) is a SaaS content platform that allows security professionals to detect and respond to cyber threats, as well as increase ROI for the majority of their SIEM, EDR, NSM and SOAR tools in use. TDM aggregates over 65,000 SIEM & EDR rules, parsers and search queries, and other content mapped directly to the MITRE ATT&CK® framework and compatible with your EDR solution in use, including Microsoft Defender ATP, Carbon Black, CrowdStrike, and Qualys. Learn more about Threat Detection Marketplace

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
InsightIDR is your threat detection & response solution. Find & respond to all of the top attack vectors behind breaches.
InsightIDR is your threat detection & response solution. Find & respond to all of the top attack vectors behind breaches: phishing, malware, and the use of stolen passwords. InsightIDR natively collects data from your endpoints, security logs, & cloud services. Apply user and attacker behavior analytics to your data to find intruder activity at each step of the attack chain. Unify your security data. Detect before things get critical. Respond 20x faster with visual investigations & automation. Learn more about InsightIDR

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Protect your cloud assets and private network. Improve security and incident response across the distributed network.
Stealthwatch Cloud automatically detects early indicators of compromise. These include insider threat activity, malware, and multistaged attacks. Improve security and incident response across the distributed network, from the office to the public cloud. Detect threats in real time. Reduce false positives. Gain actionable security intelligence to make your security team more efficient. And do it all while lowering costs. Learn more about Cisco Secure Cloud Analytics

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
A solution and team dedicated to monitoring and responding to cyberattacks before they make an impact.
A solution and team dedicated to monitoring and responding to cyberattacks before they make an impact. Learn more about Arctic Wolf SOC-as-a-Service

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
ReaQta-Hive is an Autonomous Detection & Response platform that protects endpoints against threats.
ReaQta, an IBM company, is a top-tiered AI Autonomous Detection & Response platform built by an elite group of cyber security experts & AI/ML researchers. ReaQta allows organizations to eliminate the most advanced endpoint threats in real-time. Equipped with proprietary NanoOS technology, ReaQta-Hive delivers unprecedented visibility into processes and applications running on endpoints and is tamper-free to malware & attackers. ReaQta was named a 2020 Gartner Cool Vendor in Endpoint Security. Learn more about ReaQta-Hive

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Protect your equipment from digital threats. Complete security for small and medium businesses.
This cybersecurity solution includes: Online identity protection, antivirus and antispyware, antispam, protection against public networks, remote administration, web access control, USB device control, corporate mobile management and more. It allows combining protection from 5 to 25 computers + 5 smartphones + 1 or 2 file servers; all options include the remote administration tool. Learn more about ESET Home Office Security Pack

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Suite of solutions designed to secure corporate networks, ensure compliance, and enhance endpoint visibility.
Great Bay Software is helping organizations gain back complete control over their corporate networks. Our technology, the Beacon product suite, solves the lack of endpoint visibility and control that keeps enterprises from fully securing their corporate network. We can help you with: Asset discovery and management, Identity monitoring and threat avoidance, Incident response, Regulatory compliance, Network capacity planning and Device authentication. Learn more about Great Bay Network Intelligence Platform

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring

Endpoint Detection and Response Software Buyers Guide

What is endpoint detection and response (EDR) software?

Endpoint detection and response (EDR) software helps organizations continuously monitor, investigate, and respond to active threats that target network endpoints.

An effective EDR system should include the following capabilities:

  • Incident data search and investigation
  • Alert triage or suspicious activity validation
  • Suspicious activity detection
  • Threat hunting or data exploration
  • Stopping malicious activity

EDR software is closely related to endpoint protection software, cybersecurity software, network security software, and vulnerability management software.

The benefits of EDR software

Network breaches are becoming more prevalent, and most of them are initiated via endpoints such as desktops, mobile devices, or servers. A well-implemented EDR strategy offers tremendous benefits, such as:

  • Real-time protection against new threats: AV-Test, an IT security company, registers over 350,000 new malware and potentially unwanted applications every day. EDR software collects endpoint data that offer granular visibility around patterns, behavior, and other clues to identify and highlight potentially harmful applications and new malware in real time. Availability of real-time information can help IT teams safeguard networks from both existing and new threats.
  • Proactive cyber defense using data analytics: EDR solutions are not just restricted to securing endpoints and networks—they also help in investigating threats. EDR solutions continuously monitor online and offline endpoints, and collect data on historical events that can be used to map out guidelines to prevent future incidents. These solutions also provide intelligent feeds to IT security teams that can help them avoid critical damage before it’s too late.

Typical features of EDR software

  • Alerts/notifications: Send alerts and notify critical stakeholders whenever the solution discovers a threat or anomaly in the network.
  • Anomaly/malware detection: Scan and detect potentially dangerous and harmful software that can disrupt or damage an endpoint or gain unauthorized access to a network.
  • Reporting/analytics: View and track metrics related to network security. 
  • Remediation management: Identify and implement steps to restore systems to optimal conditions.
  • Behavioral analytics: Continuously track the behavior of the systems connected to a network to check for anomalies.
  • Continuous monitoring: Continuously assess and monitor system health and application usage.

Considerations when purchasing endpoint detection and response software

  • Basic vs. high-end EDR solution: EDR software typically begins by collecting, storing, and analyzing large amounts of data which it uses to offer security insights to IT teams. Basic solutions may simply collect data and present the information on the screen; the decision to quarantine or delete infected files depends on the in-house security experts. Advanced solutions, on the other hand, may analyze the scan results and then self-clean the system. 
  • Cloud vs. on-premise: Cloud deployment of the software offers benefits such as a lower upfront cost, faster service delivery, and remote management. But it stores your data on third-party servers, which limits your control over your data. If you’re willing to share your business and security data with a third-party service provider, opt for a cloud-based option; otherwise, go with on-premise deployment.
  • EDR market to grow: The EDR market is expected to grow at almost 50% annually through 2020, and most large enterprises will have EDR capabilities by 2025. The growth will be driven by the fact that current EDR implementation spans only 40 million endpoints; there are over 711 million desktops, laptops and other devices that can still utilize this software.
  • EPP and EDR to consolidate: Endpoint protection platforms (EPP) will consolidate with EDR in the near future, triggered by businesses no longer solely relying on protection solutions; they need more advanced solutions that can detect and respond to live threats while constantly protecting the networks. Approximately 40% of EDR deployments are using both EDR and EPP from the same vendor. Going forward, vendors will bundle their EPP and EDR offerings into one consolidated application.
  • Machine learning and AI: EDR applications collect a huge amount of data every minute. It’s not possible for humans to manage and analyze such a volume of data. That's why vendors are now adding AI capabilities to their solutions to speed up the scanning process and proactively detect threats. Machine learning helps identify new attack practices and update the application based on ever-changing user and endpoint behavior.