BETHESDA, Md.--(EON: Enhanced Online News)--Fidelis Cybersecurity™, the leading provider of solutions for detecting and stopping advanced cyberattacks, announces new time-saving features, enhancements and usability improvements to its Fidelis Endpoint™ product. Fidelis Endpoint 6.1 shortens the time to investigate and resolve security incidents and provides real-time insights into attackers when they infiltrate your endpoints and hide in your environment.
“Immediate and long-term visibility is critical when it comes to limiting the damage attackers can do. With Fidelis Endpoint, security teams can immediately and retrospectively detect suspicious activity across endpoints and get one-click access to the related information they need to understand and act on that alert.”
“The attacks are happening on laptops, servers and other endpoints,” says Fidelis Cybersecurity Senior Vice President of Products Brian Karney. “Immediate and long-term visibility is critical when it comes to limiting the damage attackers can do. With Fidelis Endpoint, security teams can immediately and retrospectively detect suspicious activity across endpoints and get one-click access to the related information they need to understand and act on that alert.”
Highlights of the enhancements included in Fidelis Endpoint 6.1 include:
- Real-Time Event Monitoring: The introduction of new centralized event monitoring provides real-time detection and visibility into what is happening on endpoints across the enterprise. With this release, Fidelis Endpoint now continuously records and streams key endpoint activities including file, process, registry, network, URL and DNS into a centralized event repository. In addition to improved detection, the historical event data holds valuable clues that let you trace an alert back to its original source. When you get new intelligence from Fidelis or your threat intelligence services, you can apply it to the historical events to detect if you’ve been compromised in the past.
- Enhanced Detection Engine: A new detection engine built on top of the centralized event monitoring system provides real-time threat detection. Detections are driven by a growing set of behavioral rules -- also known as indicators of attack and powered by the Fidelis Threat Research Team -- that can be configured to take automated actions, such as tagging for later review, isolating the machine, or acquiring RAM. The new detection engine supports third party/custom indicator feeds and has the ability to create custom behavior rules.
- Event Driven User Interface: When an attack occurs, a new event-driven user interface provides an interactive play-by-play view that shows how the incident unfolded so security teams can take appropriate action to resolve the issue. Users can also filter through data and quickly tag an event, see similar events, or easily create an alert rule when they discover something malicious to drive future and retrospective detections.
- Fidelis Network™ Integration: The introduction of event monitoring enhances the product’s integration with Fidelis Network. Now, when Fidelis Endpoint receives an alert from Fidelis Network, it automatically queries the event repository to determine what took place and validate the alert. Results happen within seconds and an alert rule is dynamically created to watch across others systems for the endpoint activity that triggered the Fidelis Network alert.
- Script Support for All Jobs: All jobs are now executed using the peer-to-peer script engine, which enables users to perform queries/jobs and receive results in near real-time across hundreds of thousands of endpoints.
- Enhanced Endpoint Context: Users can now quickly access additional context about endpoints of interest. This lets users quickly see who is currently logged into a system, the host name, IP address, OS, event data associated with a specific endpoint and the job history for a particular endpoint – all in one location.
“Until this release, users have been forced to choose between vendors who had optimized their endpoint products for query speed or real-time threat detection from centralized events, or endpoint forensics,” says Fidelis Cybersecurity Chief Technology Officer Kurt Bertone. “Fidelis Endpoint 6.1 is the first and only endpoint detection and response product with an architecture optimized to support all three of these use cases in a single product.”
Fidelis Endpoint 6.1 is generally available today.
- Contact Fidelis to schedule
- Watch our Fidelis Endpoint video for an overview
- Read the new Endpoint blog post on Threat Geek
- Visit the Fidelis Endpoint product page
- Read the Fidelis Endpoint datasheet
About Fidelis Cybersecurity
Fidelis Cybersecurity is creating a world where attackers have no place left to hide. We reduce the time it takes to detect attacks and resolve security incidents. Our Fidelis Network™ and Fidelis Endpoint™ products look deep inside your traffic and content where attackers hide their exploits. Then, we pursue them out to your endpoints where your critical data lives. With Fidelis you’ll know when you’re being attacked, you can retrace attackers’ footprints and prevent data theft at every stage of the attack lifecycle. To learn more about Fidelis Cybersecurity products and incident response services, visit www.fidelissecurity.com and follow us on Twitter @FidelisCyber.