Product Overview
Incident Detection and Incident Response for Hybrid Deployments
Armor's Endpoint Detection and Response (EDR) is an advanced security detection and incident response solution delivering continuous visibility to Security Operations and Incident Response teams across an organization's end user IT estate. EDR can be installed on laptops, desktops, and servers, giving Customers a 360-degree detailed overview of endpoint activity.
EDR provides next-generation endpoint protection, identifying suspicious activities and events, and performing validation on detected threats, along with identifying anomalies and suspicious behavior patterns. The EDR product also provides next-gen anti-virus technologies to prevent malicious executables from firing in your environment.
| Multimedia |
|---|
| name | EDR1.mp4 |
|---|
| width | 600 |
|---|
| height | 300 |
|---|
|
Features
Continuous Visibility
You can't stop what you can't see.
Investigations that typically take days or weeks can be completed in just minutes. EDR collects and visualizes comprehensive information about endpoint events, giving security professionals unparalleled visibility into their environments.
Scale the Hunt
Never hunt the same threat twice.
EDR combines custom and cloud-delivered threat intel, automated watchlists and integrations with the rest of your security stack to efficiently scale your hunt across even the largest of enterprises.
The days of constantly reimaging are over.
An attacker can compromise your environment in an hour or less. EDR gives you the power to respond and remediate in real time from anywhere in the world. EDR makes it easy to quickly contain threats and repair the damage to keep your business going.
Pricing
Pricing for EDR is per license purchased with an initial minimum of 25 licenses.
| Expand |
|---|
| title | Supported Operating Systems |
|---|
|
WINDOWS Currently, Armor is only operating on CB Cloud v3.5.1 for following Windows operating systems: - Microsoft Windows Server 2012
- Microsoft Windows Server 2012 R2
- Microsoft Windows Server 2016
- Microsoft Windows Server 2019
- Microsoft Windows 10
| Note |
|---|
We are not supporting Windows 11 at this time. |
LINUX Currently, Armor is only operating on CB Cloud v2.8.0 for following Linux operating systems: OS | Version | CentOS | | RHEL | | | Ubuntu | | | Amazon | | | Oracle | | | Suses | | | Debian | |
MacOS Currently, Armor is only operating on CB Cloud v3.5.1 for following Mac operating systems: - macOS High Sierra
- macOS Mojave
- macOS Catalina
- macOS Big Sur
- installation on Big Sur requires special instructions, see documentation
| Info |
|---|
macOS 10.15 (Catalina) devices installed with macOS sensors 3.3.3+ may require a reboot. macOS 10.13+ devices installed with macOS sensors 3.1+ require new Apple KEXT approval. Unapproved sensors will enter bypass mode.
|
| Note |
|---|
We are not supporting MacOS 12 Monterrey at this time. |
|
| Expand |
|---|
|
Hardware | Network |
|---|
| TLS: 1.2 or later Minimum Network used during light usage is 1k bytes/sec read/writes each Primary port 443 and fail over port 54443 Firewall or proxy should be configured with a bypass rule to allow outgoing connections over TCP/443 as well as Cb Defense's alternate port TCP/54443.
|
Configure firewalls or proxies to allow outgoing and incoming connection to the following Destinations without packet inspection. Per link - https://www.dell.com/support/article/en-us/sln319296/vmware-carbon-black-cloud-endpoint-sensor-system-requirements?lang=en Configure TCP/443 and TCP/54443 for the below destinations as well. Signature URLs: Third-party certificate validation URLs (sensor version 3.3+: optional but recommended and on by default): |
| Expand |
|---|
| title | EDR Features and Supported OS Types |
|---|
|
|
Useful Links
Getting Started
Install and Uninstall
Troubleshooting Guide
FAQs
Armor Toolbox (Agent 3.0)
Was this helpful?