Our Managed Detection and Response (MDR) service is powered by our Endpoint Detection and Response (EDR) platform for businesses. Our managed EDR service provides complete visibility into all server and workstation activity, which is actively monitored by the SNPL Security Operations Centre (SOC) 24 hours a day, 365 days a year.
The SNPL managed EDR platform continuously monitors your business devices and combines that monitoring with the expertise of our Security Analysts, who process and validate advanced alerts mapped to the MITRE ATT&CK framework and carry out advanced threat hunting.
With the growth of remote workers and cloud-based solutions, the network perimeter is dissolving, reducing the protection and visibility provided by traditional network security controls such as a network firewall. This necessitates the use of more focused endpoint security protection and host visibility as a critical component of any modern security strategy.
Traditional anti-virus software can only detect malware that it has seen before (signature-based), whereas EDR uses behavioral analytics to determine what software should and should not do, thereby detecting more unique and targeted attacks.
Along with detecting new threats, EDR may reveal threats that have been active on your systems for an extended period of time, going unnoticed.
This enables us to detect attacks autonomously in real-time by providing our SOC team with immediate alerting and context for attack techniques.
This service includes continuous monitoring from our Security Operations Center (SOC) to safeguard your organization against known and unknown threats: pre-execution, on-execution and post-execution.
Capability to control endpoint activity, including enforcing host firewall rules, mitigating data exfiltration through the use of custom rules to prevent or restrict the use of USB storage media, and preventing the transfer of malicious code.
Bypassing the limitations of traditional anti-virus protection, this solution provides pre-execution protection to detect and prevent advanced threats.
Deep endpoint visibility, combined with the detection of malicious indicators, lets our security teams quickly detect and investigate suspicious activity and determine the root cause of internal and external threats, misconfiguration, and policy violations within the environment.
Our SOC can initiate containment of a compromise upon detection of malicious code execution by remotely preventing any network activity via host isolation. When a crypto attack occurs, the rollback system detects and mitigates mass encryption and restores the system to its pre-crypto state.
The EDR agent is lightweight and compatible with all supported Windows, Mac and Linux operating systems as well as the following server endpoints:
Windows 10 October 2020 Update (20H2), Windows 10 May 2020 Update (20H1), Windows 10 November 2019 Update (19H2), Windows 10 May 2019 Update (19H1), Windows 10 October 2018 Update (Redstone 5), Windows 10 April 2018 Update (Redstone 4), Windows 10 Fall Creators Update (Redstone 3), Windows 10 Creators Update (Redstone 2), Windows 10 Anniversary Update (Redstone 1), Windows 10 November Update (Threshold 2), Windows 10 (RTM, version 1507), Windows 8.1, Windows 8, Windows 7
macOS Big Sur (11.x), macOS Catalina (10.15), macOS Mojave (10.14), macOS High Sierra (10.13), macOS Sierra (10.12)
Windows 10 IoT Enterprise, Windows Embedded 8.1 Industry, Windows Embedded 8 Standard, Windows Embedded Standard 7, Windows Embedded Compact 7, Windows Embedded POSReady 7, Windows Embedded Enterprise 7
Windows Server 2019 Core, Windows Server 2019, Windows Server 2016, Windows Server 2016 Core, Windows Server 2012 R2, Windows Server 2012, Windows Small Business Server (SBS) 2011, Windows Server 2008 R2
Ubuntu 14.04 LTS or higher, Red Hat Enterprise Linux / CentOS 6.0 or higher, SUSE Linux Enterprise Server 11 SP4 or higher, OpenSUSE Leap 42.x, Fedora 25 or higher, Debian 8.0 or higher, Oracle Linux 6.3 or higher, Amazon Linux AMI 2016.09 or higher
May 18, 2021