As the threat landscape is evolving so rapidly, antivirus software is becoming less effective, and it’s critically important to be analysing malicious behaviours on the endpoints – not just looking at signatures.
CEASR reduces your attack surface with comprehensive endpoint protection, all integrated into our XDR platform. It achieves this by locking down known weaknesses in your Windows working environment often exploited by malware, applying policies based on the Australian Government’s ASD Windows ISM Controls and allows organisations to meet Essential Eight guidelines.
CEASR monitors and blocks suspicious software behaviours on endpoints via a range of methods, including the following:
- Prevents suspicious applications, files, and programs from launching executable scripts that attempt to download or run unknown files.
- Block third-party applications like Microsoft Office or Adobe Reader from creating and running child processes.
- Preventing malware from abusing WMI to attain persistence on a device.
- Controlling removable media like USB by blocking unsigned processes.
- Protecting against web-based threats by blocking outbound processes on the device from untrusted sources.
- Protecting your confidential and private data from malicious ransomware activities by blocking untrusted processes from accessing your protected folders.
- Detecting changes across your network and alerting any new subdomains and domains attaching to your attack surface area.
- Gaining visibility over your entire attack surface area, including activity, open ports, SSL certificates and more, in one comprehensive cybersecurity solution.
- Device application whitelisting blocking of obfuscated or otherwise suspicious scripts.