ESET Enterprise Inspector

2020: Announcement of version 1.4 of the EDR solution ESET Enterprise Inspector

On June 30, 2020 the ESET company announced a release of version 1.4 of the solution ESET Enterprise Inspector of the class EDR which allows to estimate cyberrisks, to timely reveal threats and to react to them.

ESET released upgraded version of EDR of the solution ESET Enterprise Inspector. Photo: eset.ua

ESET Enterprise Inspector will be able supports Mac OS. For this purpose 40 rules allowing to consider specifics of the attacks on this OS are added to the solution.

Important change is Public API support. This advantage to the companies which want to integrate the EDR solution with already existing tools. For example, integration with SIEM or SOAR is possible. Thanks to it work of engineers on security as when obtaining the report on operation it is enough to them to switch to ESET Enterprise Inspector becomes simpler.

There were updated functions available on Windows OS. So, in ESET Enterprise Inspector 1.4 the feature for remote reaction and a research through service PowerShell is added. The security expert will be able to open far off the PowerShell interface on an endpoint, to perform tunings and to solve local problems, without breaking workflows of the user.

Besides, on Windows OS there was such function as network isolation which allows to turn off communication of the infected workstation with internal systems. Some types of threats are capable to extend in read seconds on corporate network. Isolation in that case is the most effective preventive measure.

Access to the management console of ESET Enterprise Inspector can be protected using means of two-factor authentication of ESET Secure Authentication.

Marking function is added to ESET Enterprise Inspector 1.4: there was an opportunity to tag objects and to classify groups in couple of clicks. It is possible to create the list of the exceptions - detected, but safe objects - and thus to reduce number of false operations.

2019: Announcement of ESET Enterprise Inspector

The international anti-virus company ESET provided in June, 2019 the business solution of ESET Enterprise Inspector intended for prevention, detection and response to cyberincidents in corporate network.

According to a research of consulting company PricewaterhouseCoopers (PwC), 41% of the polled investors, analysts and owners of the companies recognize cyber attacks the most serious threat for business. The reliable system of corporate protection that new cyberthreats, potentially dangerous actions of employees and undesirable applications did not put at risk reputation and financial stability of the organization is necessary for the companies.

ESET Enterprise Inspector is the solution for multilevel protection of endpoints which analyzes large volumes of information in real time, obtaining data from each level of protection. Detecting of threats is performed on the basis of reputation, behavior and the retrospective analysis.

ESET Enterprise Inspector is the solution with flexible configurations which allows clients to adapt it to the requirements and also provides detection and timely reaction to all types of cyberthreats.

The product supports not only pro-active search of threats, but also the retrospective analysis. It is enough to configure rules of conduct, and then "scan" the database of events. Search is performed not only on static IoC, but also on the basis of dynamic analysis of behavior with several parameters.

The product allows to distinguish, analyze and eliminate quickly any security risks in network, including: detect ART THREATS; block the besfaylovy attacks; block threats of zero day; protect from programs racketeers; neutralize cyber attack state-sponsored.

Staff of Information Security Service can complete processes, load the files which caused operation, far off to switch off the computer or to restart it directly from the console. For more coincidence tuning of the solution it is possible to edit easily rules using XML and also to perform integration with a SIEM system.

"The quantity and quality of targeted cyber attacks to the companies continues to grow. Attacking carry out investigation and the analysis of means of protecting, find weak spots in infrastructure and use new vectors for penetration. Among other things we see rapid growth of number of the besfaylovy attacks from which it is impossible to be protected at the level of basic products for security — Zemskikh Vitaly, the technical director of ESET Russia&CIS considers. — We developed the solution of the class EDR which allows to run for pro-active search of anomalies and threats, including ART for detection, reaction and prevention of the difficult target attacks. The solution is intended for the medium-sized and large companies which daily face new types of the attacks".

For building of a full-fledged ecosystem of security of ESET Enterprise Inspector it is used together with other products ESET that provides a comprehensive protection of endpoints.