Resolution1 Endpoint

Identify compromised endpoints and automate your investigation and response.

Resolution1 Endpoint equips security-conscious organizations to confidently respond to, validate and resolve security incidents in a fraction of the time it takes using traditional approaches. Security teams get the visibility, context and automation they need to identify and stop advanced attacks when they are just beginning.
Download Datasheet >

RESOLUTION1 ENDPOINT CAPABILITIES

Eliminate Blind Spots

Identify threats as they happen no matter where in they are in your environment – on the network, endpoints (on and off the network) or on mobile devices.

Respond Immediately

Integrate with SIEMs, next-generation firewalls and alerting tools to automatically link disparate information and accelerate your response.

Identify Compromised Endpoints

Automatically sweep all endpoints for signs of the compromise once an Indicator of Compromise (IOC) has been validated.

Proactively Hunt for Threats

Apply network- or host-based intelligence in any format, from simple to complex, to rapidly identify compromised endpoints and automatically take action.

Accelerate Triage and Validation of Suspected Incidents.

Automatically harvest rich system information from endpoints and correlate it against threat reputation services, advanced threat detectors and threat intelligence to confirm when endpoints are compromised - without the use of multiple point products or analyst’s time.

Know What Happened Using Playback

Fully expose how an attack happened, what was taken and who was involved – well after the initial compromise has occurred – by recording key events (such as file, processes, registry, network, DNS and URL) and automatically delivering a timeline related to a suspected incidentalong with the prioritized alerts.

Automatically Remediate and Take Action on Impacted Endpoints

Immediately halt data exfiltration and lateral movement on endpoints by isolating devices, halting processes, wiping files, kicking off a script to initiate anti-virus scan or custom scripted routines on the endpoints.  

Automate Incident Response Workflows

Easily create and customize response workflows specific to the organization. Automatically kick off remediation or deep analysis actions by defining trigger rules and actions with the alert response workflow engine.