Comprehensive Security in a Single Agent
- A single self-contained on-premise security solution that incorporates file integrity monitoring, policy enforcement, system hardening, intrusion detection, log management and more.
- Real-time automated compliance alerting and enforcement.
- Monitors millions of files distributed across tens of thousands of systems in real-time with full tracking and capture of system file changes.
- Automated security that provides detection, protection and analytics for any environment.
- Provides automated protection for workloads in multi-cloud, on-premise or hybrid environments, eliminating the need for multiple solutions.
- Enables system security for legacy systems including Solaris, HP-UX, and IBM AIX.
Streamline Compliance Monitoring And Remediation
- Support for all major compliance protocols including PCI DSS, NIST, HIPAA, GDPR, JSIG and more.
- Automatically addresses over 100 PCI DSS 3.2 technical requirements.
- Continuous compliance monitoring and remediation ensure protection from costly non-compliance fines.
Simplify Security Operations While Reducing SOC Costs
- Continuous compliance monitoring and automated compliance remediation.
- SIEM log filtering ensures that only actionable SIEM alerts are generated, making cyber security analysts and engineers more effective and efficient.
- Reduces SIEM data by up to 80%, dramatically reducing SOC costs without sacrificing fidelity.
Advanced File Integrity Monitoring (FIM)
Real-time detection of changes to files and registry entries.
Compliance audits and compliance reports on systems and applications for compliance with PCI DSS, HIPAA, NIST, GDPR, JSIG and other compliance standards.
Automated configuration and continuous monitoring of the kernel, applications, and services to remove, tune, or reconfigure potentially risky functions.
Vulnerability Shielding / WAF Protection
Host-based WAF protection against workload attacks, including botnets, SQL injections, CSRF, remote file injection, and watering holes.
Optimizes the Linux kernel to prevent buffer overruns and code reuse.
Creates imitation vulnerabilities, systems, shares, and cookies to uncover indicators of attack.
Server EDR and Behavioral Monitoring
Log-based intrusion detection (LIDS) and active response, integrated with machine learning, identify anomalous system and user behavior, including network communications, processes launched, and files opened.
Provides flexible and granular control of workloads, network flows, and processes.
Application Control & Visibility
Provides self-learning, least-privileged, role-based access controls on applications.
Anti-Virus / Anti-Malware
Real-time scanning and quarantine using ClamAV or any existing anti-virus or anti-malware software.
Workload Based Machine Learning
Models normal system and user behavior to identify anomalies.
Cloud Based Machine Learning
Leverages community threat intelligence to identify global attack trends and provide real-time notifications that enable systems to automatically protect workloads against attacks they haven’t yet seen.