EDR - MDR - AEP
We provide Endpoint Detection and Response (EDR), Managed Detection and Response (MDR) and Advanced Endpoint Protection (AEP).
EDR is a type of MDR-lite that focuses on endpoints or hosts. Unlike CI Security's Managed Detection and Response, endpoint threat detection and response (EDR) services typically use a software agent installed on endpoints that sends information to a centralized database for analysis. In general, this "analysis" is limited to matching a signature of a pattern that indicates a security event is in progress. However, some use statistical baselining and even artificial intelligence to make that determination.
EDR services can disable communication at that endpoint when an incident is identified, for immediate quarantine. However, human analysis is still required to avoid false positives and the unwarranted shutdown of a device; that work is typically assigned to in-house IT security, networking, or desktop staff.
MDR is an IT cybersecurity service that detects intrusions, malware, and malicious activity in your network and assists in rapid response to eliminate and mitigate those threats. Quality MDR services have a very light footprint on your system and use a combination of human analysts and technology to eliminate false positives, identify real security threats, and develop incident responses in real time.
Comodo Advanced Endpoint Protection (AEP), which comes equipped with impressive security features, is the best endpoint protection or security tool available in the IT security market. Backed by Containment technology, all the unknown (and therefore suspicious) files are run within virtual containers without affecting the host system’s resources or user data.
Comodo Security Features:
Antivirus Scanning: Comodo Advanced Endpoint Protection (AEP) has an antivirus scanning feature capable of scanning endpoints against a massive list of known good and bad files compiled from years as the world’s largest certificate authority and from the 85 million endpoints deployed worldwide.
Virus Scope behavioral analysis: Uses techniques such as API hooking, DLL injection prevention, and more to identify indicators of compromise while keeping the endpoint safe and without affecting usability.
Valkyrie verdict decision engine: While running in auto-containment, unknown files are uploaded to a global threat cloud for real-time analysis, returning a verdict within 45 seconds for 95% of the files submitted.
Human analysis: In the 5% of cases where Virus Scope and Valkyrie are unable to return a verdict, the file can be sent to researchers for human analysis, and they make a determination within SLA timelines.
Host intrusion prevention: Rules-based HIPS that monitors application activities and system processes, blocking those that are malicious by halting actions that could damage critical system components.
Personal packet filtering firewall: Provides granular management of inbound and outbound network activities, hides system ports from scans, and provides warnings when suspicious activities are detected. Can be administered remotely or by a local administrator.