Seqrite EDR is a comprehensive detection and response solution. It addresses the user's need for data visibility and control over the system hardware, operating system, and applications.
The EDR edition is available with EPP version 8.3 with Endpoint Protection. Here are a few benefits of the EDR edition:
- Helps utilize multi-phase verification that enables comprehensive analysis of all events through multiple layers in the system.
- Ensures immediate remediation action that helps restrict potentially infected hosts and perform actions automatically or manually.
- Enables automated and manual IOC lookup on previous data generated by the Seqrite Threat Intel team and other sources.
The EDR system employs a multi-phase verification mechanism to ensure comprehensive threat detection. It analyzes all endpoint events and processes through multiple layers of the system, enabling the identification of malicious activity. This approach also correlates various security alerts into unified incidents for streamlined investigation and response.
Security alerts related to processes and files are presented in a tree-structured flow. This visual representation helps security analysts understand the sequence of events, making it easier to trace the origin and progression of threats.
The EDR continuously monitors endpoint activities to detect suspicious behavior. It empowers incident responders to take immediate remediation actions, such as isolating endpoints or terminating malicious processes. This capability is particularly effective against advanced persistent threats (APTs) and zero-day attacks.
The integrated threat hunting feature enables proactive detection of hidden threats, anomalous behavior, and infiltration attempts within the network. This helps security teams identify and mitigate risks before they escalate into actual incidents.
Comprehensive air-gap network support, ensuring offline updates of rules, policies, signatures, and other components.
Note
Users need to purchase the EDR edition separately to use these policy settings.
Endpoint protection Response
To enable EDR for a container policy, follow these steps:
- On the EPP console page, select the Policies tab from the left navigation pane.
- On the Policy settings page, select EDR.
To create a feature policy for EDR, follow these steps:
- On the Policies page, select Create from the list option.
- On the Create Policy page, enter the required fields as described in the following table.

| Field | Description |
|---|---|
| Policy Name | Enter a policy name. |
| Policy Type | Select the Feature Policy option. |
| Select Feature | Select Advanced Protection. |
| Description | Enter a description for the policy settings. |

- Click Create.
- Select Enable EDR.
- Click Save Policy.
The EDR feature policy is now created.
For more information about EDR, click here.