Endpoint Detection & Response (EDR)

Nuspire’s EDR solution provides customers with the technology, expertise, and service to proactively detect threats and protect customer endpoints.

Nuspire’s Endpoint Detection and Response (EDR) service utilizes Nuspire’s NextGen Endpoint Threat Detection agent with direct integration of Nuspire’s nuSIEM and Security Operation Center to provide unparalleled visibility, detection, and containment of tomorrow’s most advanced threats. Through cross-platform visibility into endpoint activities such as process execution, network communications, file access, applications, DNS requests, and encrypted web traffic, Nuspire is able to record and identify the source of any threat. The lightweight and high-performance endpoint agent utilizes a static AI engine to provide pre-execution threat detection and behavioral AI engines to detect threats upon execution, offering the most advanced identification of known and unknown threats available today.

Nuspire’s EDR solution provides the following capabilities:

Threat Detection
    • Through static and behavioral AI engines, HIDS, and FIM within the endpoint agent, Nuspire’s Security Operation Center is alerted to indicators of compromise (IOCs) on a host, whether it is on or off the corporate network.
Advanced Visibility
    • Nuspire’s nuSIEM continuously collects the forensic data of an endpoint to allow for a complete view of host activities, including visibility at the end of the tunnel of encrypted web traffic, allowing for an unprecedented tap into all traffic without the need to decrypt or interfere with the data transport.
Investigation of IOCs
    • IOCs are investigated by the Nuspire SOC to identify the threat, its impact, and the attack methodology used to gain a foothold. The forensic data held within nuSIEM provides a full attack view of the incident from the first point of compromise.
Threat Containment & Remediation Guidance
    • After IOC validation, Nuspire’s SOC will provide notification of the event. Nuspire can remotely contain the machine, isolating it from the rest of the network, as well as provide guidance on how to improve the security posture of the host and organization. Nuspire will provide remediation guidance on removing the threat or remotely roll back a machine via VSS to a known good state.
Activity Reporting & Threat Hunting
    • Through Trax, clients can review incidents and investigations that have occurred as part of the service. Further access to nuSIEM is provided, allowing for threat hunting activities and detailed forensic data of the host.

 


SOC 2 Certified

Nuspire is SOC 2 Compliant

Nuspire undergoes annual SOC 2 auditing against AICPA’s controls of security, availability and confidentiality. Nuspire’s SSAE 16/SOC 2 audited Security Operations Centers follow industry-standardized processes in order to provide the security, privacy, redundancy and flexibility to custom fit your organization’s needs.

 

Contact us using the form below to learn how Nuspire’s EDR service can augment your network security posture.

 

 

