ESET Enterprise Inspector provides a unique behavior and reputation based detection that is fully transparent to security teams. All rules are easily editable via XML to allow fine-tuning or easily created to match the needs of specific enterprise environments, including SIEM integrations.
Utilize ESET's Endpoint Detection and Response tool to easily suppress false alarms by adjusting the sensitivity of detection rules for different computer groups or users. Combine criteria such as file name, path, hash, command line or signing authority to fine-tune the trigger conditions.
Easily adjust behavior rules with ESET Enterprise Inspector, then "re-scan" the entire events database. This allows you to then identify any new alerts triggered by the adjusted detection rules. No longer are you searching for a static indicator of compromise, but for dynamic behavior with multiple parameters.
ESET's Endpoint Detection and Response tool is built on top of existing ESET endpoint security solutions, creating a consistent ecosystem that allows cross-linking of all relevant objects and synchronized remediation of incidents.
Apply filters to sort data based on file popularity, reputation, digital signature, behavior or contextual information. Setting up multiple filters enables automated, easy threat hunting, including for APTs and targeted attacks, which can be customized to each company's environment.
Quickly and easily view all security incidents in the alarms section. With a few clicks security teams can see a full root cause analysis that includes: what was affected, where and when the executable, script, or action was performed.
Check actions that were carried out by an executable and utilize ESET's LiveGrid® reputation system to quickly assess if executed processes are safe or suspicious. Grouping of computers by user, department or other criteria allows security teams to quickly identify if the user is entitled to perform a specific action or if an action is out of the ordinary.
Use a built-in set of rules or create your own rules to respond to detected incidents. Each triggered alarm features a proposed next step to be performed for remediation. This quick response functionality helps to ensure that any single incident will not fall through the cracks.
Taking advantage of ESET'S flexible and secure architecture, ESET Enterprise Inspector allows on-premise as well as cloud deployment for better scalability based on the company size and needs.
Block malicious modules from being executed on any computer in your organization's network. ESET Enterprise Inspector's open architecture offers the flexibility to detect violations of policies. For example, you can block the use of specific software like torrent applications, cloud storages, tor browsing or other unwanted software.
Please Note: ESET Enterprise Inspector requires a valid ESET Endpoint Protection Advanced or ESET Secure Business license.
Request a demo and gain access to alternate payment methods