Gain Greater Visibility and Deeper Insight
Monitor endpoints on and off the network through a single interface. Hunt for threats using industry standard YARA and OpenIOC formats directly on the endpoint, in both the file system and memory. Collect files and memory for further analysis and leverage threat intelligence to automatically detect threats from system events.
Detect Endpoint Events
- Record system events such as process starts, file creations, registry modifications, process network activity including URLs, DNS queries, and more, and view a timeline of activities and processes performed.
- Ingest custom, commercial, or open source intelligence feeds for automated threat hunting against static indicators such as IPs, Hashes, or URLs.
- Create and look for behavioral indicators in events to drive detections and hunting.
Automate Endpoint Response
Immediately halt data exfiltration and lateral movement using endpoint isolation, process termination, file wiping, and other actions, or automatically collect triage data to jumpstart your investigation. Integrate with SIEMs, NGFWs, and other applications to execute response actions and send alerts. Create and customize response workflows to automatically kick off remediation or deep analysis actions by defining trigger rules and actions.
Ensure Faster Response to Endpoint Activity
- Access a large library of response scripts through a flexible scripting engine that also gives you the ability to create your own.
- Integrate with any SIEM or application that exists in the organization through a rich API. Fidelis Endpoint has out-of-the-box integration with common SIEMs and NGFWs like Palo Alto, IBM QRadar, and McAfee ESM.
- Automatically generate alerts, driven by behavioral rules and indicators of compromise provided from Threat Intel feeds, and immediately initiate appropriate response actions.
Enhance Your Endpoint Protection
Extending the core functionality of the Fidelis Endpoint module to include prevention, Fidelis AV is integrated into the event recording features, providing visibility into exactly where threats originate. Powered by the Bitdefender engine, Fidelis AV provides both traditional signature and heuristic-based detection and prevention of threats on the endpoint. A unique feature of Fidelis Antivirus, process scanning, allows users to block executables from running by hash or with YARA rules, which can be easily created or edited.
Extend Detections Without the Need for Multiple Solutions
- Ensure detection and prevention of known and unknown malware by utilizing signatures as well as advanced heuristic (behavioral/static analysis-based) scanning.
- Unlike traditional AV, where only an alert is generated, Fidelis AV is tightly integrated into the event system, allowing users to follow a detection event back through the process tree.
Intel-Driven Threat Correlation, Triangulation and Validation
- Apply many types of intelligence to search for and identify compromised endpoints and automatically take action.
- Fidelis Endpoint supports the use of custom, open source, or commercial intelligence in multiple formats. Utilize OpenIOC (Indicators of Compromise) or YARA rules for threat scanning, and ingest many common feed formats (CSV, JSON, XML, STIX) into ThreatBridge for automated detections with static indicators such as IP addresses, hashes, or URLs.
Flexible Deployment Options:
Fidelis Enterprise — On-premises Deployment
- You maintain and manage all appliances and software
- Fidelis professional services assists with deployment and training
- Available network sensors include: Direct, Mail, Internal, and Web
- Maintenance fees include intelligence updates from Fidelis Threat Research Team
- License additional appliances and sensors as your needs grow
Fidelis Endpoint Cloud – Managed by Fidelis
- Infrastructure maintained by Fidelis, so you can focus on security
- Rapid deployment and immediate implementation
- Scale up as you grow with as many software sensors as you need
- Uninterrupted service as you transition from a trial to production
- Simplified subscription pricing based on your bandwidth and storage needs
"There is nothing available today with the depth and breadth of this product when it comes to identifying, responding to and remediating digital incidents." - SC Magazine