Endpoint Detection & Response

Don’t count on everyone to do things 100% right.

TEKRiSQ’s EDR solution is security software. It helps lock down and secure systems at the endpoint level, helping protect both those endpoints and the wider network against cybercriminals. EDR is often compared to simple antivirus tools, but in reality it offers far more. Specifically, it uses AI and machine learning to track possible threats and act on your behalf to address them, with fast & accurate results.

EDR is a next-generation antivirus solution that replaces desktop-deployed, signature-based antivirus solutions. EDR detects, alerts, kills, and quarantines malicious and suspicious threats. EDR uses a variety of mechanisms, including:

Reputation engine: ensures that known malicious files are not written to the disk or executed.
Static AI engine: scans for malicious files written to disk. This engine runs scans upon file execution and when files are written to the disk. It also scans for suspicious files written to disk.
Behavioral AI executable engine: uses advanced machine learning tools to detect malicious activities in real time.
Documents and scripts behavioral AI engine: separately focuses on documents and scripts.
Lateral movement AI engine: detects remote device attacks.

Anti-exploitation and fileless AI engine: focused on exploits & fileless attack attempts (web-related & command-line exploits).
Granular remediation capabilities: automated cleanup/recovery.
Remediate: This option assists in removing damage caused by the threat, but it is not a full rollback, which “rewinds” to a specific point in time.
Rollback: During a rollback, the affected device is restored to a saved Volume Shadow Copy Service (VSS) snapshot, which attempts to reverse any damage. In other words, it seeks to restore the endpoint to a state before the attack started doing damage. This can be particularly helpful for ransomware attacks, where it rolls the endpoint back to before files were encrypted. This may negate the need to pay the ransom.
Beyond that, the rollback feature happens near instantaneously—much faster than if you were restoring from a backup. However, EDR doesn’t eliminate the need for a good, cloud-based backup solution.
NOTE: Ransomware is only one threat—data loss can easily occur due to software failures, hardware issues, or even natural disasters.