Modular cybersecurity platform

EDR (Endpoint Detection & Remediation)

Responsibilities: UX/UI, research, ideation, initiating features.
B2B
complex system
desktop
Advanced search
cyber security

EDR is a cybersecurity tool that protects devices by actively monitoring their activity and identifying unusual patterns that could indicate a threat. It operates by installing a lightweight software agent on each device, which constantly collects and analyzes data about processes, files, and network connections. This information is then examined by advanced algorithms to detect potentially harmful actions, such as malware trying to run or unauthorized access attempts. When suspicious activity is detected, EDR can automatically block or contain it, while also alerting the security team to investigate further.

Main features

Inside the EDR module, the user can browse separate feature tabs. Each tab represents a different aspect of the module, and every tab can be reached from the others.

Telemetry

List view of all collected data, with multiple sorting and filtering options and complex search

Allow/Block list

List view of all processes, with sorting options and settings management

Processes

Detailed table view for each detected process with relevant actions

Telemetry

EDR collects various forensic evidence of activity from the user’s devices and presents it in the “Telemetry” interface, which aggregates all the information in one section. The telemetry interface allows the user to query the information when analyzing a possible attack. Each entry includes multiple properties, which the user can also access separately for a deeper investigation (the device, the process, etc.).

Advanced search in telemetry

The advanced search bar lets the user query more specific combinations of entry properties.

Initial mode: selecting value types

Typing a value to be autocompleted

Additional value-type submenus

Recent search queries loaded

Input is completed; the CTA returns results.

No search results (empty state)
