ESET Endpoint Solutions

Powerful multilayered protection for all devices

What is an Endpoint Protection Platform?

An Endpoint Protection Platform (EPP) is a solution deployed on endpoint devices (desktops, laptops, mobiles) to prevent file-based malware attacks, detect malicious activity, and provide the investigation and remediation capabilities needed to respond to dynamic security incidents and alerts.

ESET’s endpoint protection solutions leverage a multilayered approach that utilises multiple technologies working together, with the ability to constantly balance performance, detection and false positives.

Why Endpoint Protection Solutions?

Ransomware

Ransomware has been a constant concern for industries across the world ever since Cryptolocker in 2013. Despite ransomware having existed for far longer, it was never previously seen as a major threat by businesses. However, now a single incidence of ransomware can easily render a business inoperable by encrypting important or essential files. When a business experiences a ransomware attack, it can quickly realise that the backups it has are not recent enough, thus tempting it to pay the ransom.

ESET’s endpoint protection solutions provide multiple layers of defence to not just prevent ransomware but to detect it if it ever appears within an organisation. It is important to prevent and detect ransomware, as every time someone pays a ransom, it encourages the criminals to continue to utilise this mode of attack.

Targeted attacks and data breaches

Today’s cybersecurity landscape is constantly evolving with new attack methods and never-before-seen threats. When an attack or data breach occurs, organisations are typically surprised that their defences were compromised or are completely unaware that the attack even  happened. After the attack is finally discovered, organisations then reactively implement measures to block any similar attack from being repeated. However, this does not protect them from the next attack, which may use another brand-new vector.

ESET’s endpoint protection solutions use threat intelligence information based on their global presence to prioritise and effectively block the newest threats prior to their delivery anywhere else in the world. In addition, our solutions feature cloud-based updating, to respond quickly in the case of a missed detection without having to wait for a normal update.

“ESET’s Endpoint Protection solutions provide multiple layers of defence to not just prevent malware, but to detect it if it ever appears within an organisation.”

Fileless Attacks

Newer threats, called fileless malware, exist exclusively in computer memory, making it impossible for file scanning-based protections to detect them. Furthermore, some fileless attacks will leverage currently installed applications that are built into the operating system to make it even harder to detect a malicious payload. For example, the use of PowerShell in these attacks is very common.

ESET endpoint protection platforms have mitigations in place to detect malformed or hijacked applications to protect against fileless attacks. ESET has also created dedicated scanners to constantly check memory for anything that is suspicious. By utilising this multilayered approach, we make sure we always stay one step ahead of the newest malware.

“When an attack or data breach occurs, organisations are typically surprised that their defences were compromised or are completely unaware that the attack even  happened.”

The ESET Difference

Multilayered Protection

ESET combines multilayered technology, machine learning and human expertise to provide our customers with the best level of protection possible. Our technology is constantly adjusting and changing to provide the best balance of detection, false positives and performance.

Unparalleled Performance

A major concern for many organisations is the performance impact of their endpoint protection solution. ESET products continue to excel in the performance arena and win third-party tests that prove how light-weight our endpoints are on systems.

Cross Platform Support

ESET endpoint protection products support all OSes – Windows (including Windows on ARM), macOS, Linux and Android. All our endpoint products can be fully managed from a single pane of glass; mobile device management for iOS and Android is fully built in as well.

Worldwide Presence

ESET has offices in 22 countries worldwide, R&D labs in 13 and a presence in over 200 countries and territories. This helps to provide us with data to stop malware prior to it spreading across the globe, as well as to prioritise new technologies based on the most recent threats or  possible new vectors.

The Technology

ESET’s products and technologies rest on three pillars: ESET LiveGrid®, Machine Learning, Human Expertise.

 

ESET Livegrid®

Whenever a zero-day threat such as ransomware is seen, the file is sent to our cloud-based malware protection system – LiveGrid®, where the threat is detonated and its behaviour is monitored. The results of this system are provided to all endpoints globally within minutes without requiring any updates.

Machine Learning

Uses the combined power of neural networks and handpicked algorithms to correctly label incoming samples as clean, potentially unwanted or malicious.

Human Expertise

ESET’s world-class security researchers share elite know-how and intelligence to ensure our users benefit from optimum, round-theclock threat intelligence.

“A single layer of defence is not enough for the constantly evolving threat landscape. All ESET Endpoint Security products have the ability to detect malware pre-execution, during execution and post-execution. Focusing on more than a specific part of the malware lifecycle allows us to provide the highest level of protection possible.”

Machine Learning

All ESET endpoint products have been using machine learning in addition to our other layers of defence since 1997. Specifically, machine learning is used in the form of consolidated output and neural networks. For a deep inspection of the network, admins can turn on a special aggressive machine learning mode that works even without internet connection.

Ransomware Shield

ESET Ransomware Shield is an additional layer that protects users from ransomware. This technology monitors and evaluates all executed applications based on their behaviour and reputation. It is designed to detect and block processes that resemble the behavior of ransomware.

In-product Sandbox

Today’s malware is often heavily obfuscated and tries to evade detection as much as possible. To see through this and identify the real behaviour hidden underneath the surface, we use in-product sandboxing. With the help of this technology, ESET solutions emulate different components of computer hardware and software to execute a suspicious sample in an isolated virtualised environment.

Network Attack Protection

This technology improves detection of known vulnerabilities on the network level. It constitutes another important layer of protection against the spread of malware, network-conducted attacks, and exploitation of vulnerabilities for which a patch has not yet been released or deployed.

HIPS

ESET’s Host-Based Intrusion Prevention System monitors system activity and uses a predefined set of rules to recognize suspicious system behaviour. Moreover, the HIPS self-defence mechanism stops the off ending process from carrying out the harmful activity.

Brute Force Attack Protection

A security feature that protects devices against potential guessing of credentials and illegitimate establishment of a remote connection. Protection can be easily confi gured through a policy directly from the console, and exclusions can be created when something is blocked but shouldn’t be.

Advanced Memory Scanner

ESET Advanced Memory Scanner monitors the behaviour of a malicious process and scans it once it decloaks in memory. Fileless malware operates without needing persistent components in the file system that can be detected conventionally. Only memory scanning can successfully discover and stop such malicious attacks.

Exploit Blocker

ESET Exploit Blocker monitors typically exploitable applications (browsers, document readers, email clients, Flash, Java and more), and instead of just aiming at particular CVE identifiers, it focuses on exploitation techniques. When triggered, the threat is blocked immediately on the machine.

Botnet Protection

ESET Botnet Protection detects malicious communication used by botnets, and at the same time identifies the off ending processes. Any detected malicious communication is blocked and reported to the user.

Secure Browser

Designed to protect organisation’s assets with a special layer of protection that focuses on the browser, as the main tool used to access critical data inside the intranet perimeter and in the cloud. Secure Browser provides enhanced memory protection for the browser process, coupled with keyboard protection, and lets admins add URLs to be protected by it.

UEFI Scanner

ESET is the first endpoint security provider to add a dedicated layer into its solution that protects the Unified Extensible Firmware Interface (UEFI). ESET UEFI Scanner checks and enforces the security of the preboot environment and is designed to monitor the integrity of the firmware. If modification is detected, it notifies the user.

All ESET endpoint solutions are managed from a single ESET PROTECT console – which can be cloud-based or on-premises – ensuring a complete overview of your network.

Use Cases

Ransomware

Some businesses want extra assurance that they will be protected from ransomware attacks.

Solution

✓ Network Attack Protection has the ability to prevent ransomware from ever infecting a system, by stopping exploits at the network level.

✓ Our multilayered defence features an in-product sandbox that has the ability to detect malware that attempts to evade detection by using obfuscation.

✓ Leverage ESET’s cloud malware protection system to automatically protect against new threats without the need to wait for the next detection update.

✓ All products contain protection in the form of Ransomware Shield to ensure that ESET users are protected from malicious file encryption.

Stolen Credentials

Phishing attacks and fake websites mimicking real organizations to steal login credentials and financial data are on the rise.

Solution

✓ ESET endpoint products are designed to protect an organisation’s assets with a unique layer of protection, focusing on the browser as the primary tool to access critical data inside the intranet perimeter and in the cloud.

✓ Secure Browser feature protects sensitive data while browsing online.

✓ With a single click, administrators can choose to include all banking and payment portals and decide to protect the browser for specific websites or not.

Fileless Malware

Fileless malware is a relatively new threat and, as it exists only in memory, requires a different approach compared to traditional file-based malware.

Solution

✓ A unique ESET technology, Advanced Memory Scanner, protects against this type of threat by monitoring the behaviour of malicious processes and scanning them once they decloak in memory.

✓ Reduce data gathering and investigation time by uploading the threat to ESET Threat Intelligence in order to provide information about how it functions.

✓ Multilayered technology, machine learning and human expertise provide our customers with the best level of protection possible.

Password-guessing Attacks

Remote Desktop Protocol (RDP) and Server Message Block (SMB) are attractive attack vectors that can allow an attacker to obtain full remote control of a system.

Solution

✓ Brute Force Attack Protection provides an effective defence against frontal attacks on password protected remote access points.

✓ Protects devices against potential guessing of credentials and illegitimate establishment of remote connections.

✓ Can be easily configured through a policy directly from the console; exclusions can be created when something is blocked but shouldn’t be.

✓ Versatile: users can add their own rules or modify existing ones.

Download

Please click the image below to download this locally as a brochure.
If you have any further questions please reach out to us on 01492 862780 and we’ll be more than happy to help.

Risc IT Solutions - ESET