Incident Detection and Incident Response for Hybrid Deployments
Armor's Endpoint Detection and Response (EDR) is an advanced security detection and incident response solution delivering continuous visibility to Security Operations and Incident Response teams across an organization's end user IT estate. EDR can be installed on laptops, desktops, and servers, giving Customers a 360-degree detailed overview of endpoint activity.
EDR provides next-generation endpoint protection, identifying suspicious activities and events, and performing validation on detected threats, along with identifying anomalies and suspicious behavior patterns. The EDR product also provides next-gen anti-virus technologies to prevent malicious executables from firing in your environment.
Features
Continuous Visibility
You can't stop what you can't see.
Investigations that typically take days or weeks can be completed in just minutes. EDR collects and visualizes comprehensive information about endpoint events, giving security professionals unparalleled visibility into their environments.
Scale the Hunt
Never hunt the same threat twice.
EDR combines custom and cloud-delivered threat intel, automated watchlists and integrations with the rest of your security stack to efficiently scale your hunt across even the largest of enterprises.
Respond Immediately
The days of constantly reimaging are over.
An attacker can compromise your environment in an hour or less. EDR gives you the power to respond and remediate in real time from anywhere in the world. EDR makes it easy to quickly contain threats and repair the damage to keep your business going.
Pricing
Pricing for EDR is per license purchased with an initial minimum of 25 licenses.
EDR Technical Information
WINDOWS
Currently, Armor is only operating on CB Cloud v3.5.1 for the following Windows operating systems:
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows 10
We are not supporting Windows 11 at this time.
LINUX
Currently, Armor is only operating on CB Cloud v2.8.0 for the following Linux operating systems:
OS        Version
CentOS    7.X, 8.X
RHEL      6.X, 7.X, 8.X
Ubuntu    16.X, 18.X, 20.X
Amazon    2
Oracle    6.X, 7.X
SUSE      12, 15
Debian    9, 10 (untested)
MacOS
Currently, Armor is only operating on CB Cloud v3.5.1 for the following Mac operating systems:
macOS High Sierra
macOS Mojave
macOS Catalina
macOS Big Sur
Installation on Big Sur requires special instructions; see the documentation.
macOS 10.15 (Catalina) devices installed with macOS sensors 3.3.3+ may require a reboot.
macOS 10.13+ devices installed with macOS sensors 3.1+ require new Apple KEXT approval. Unapproved sensors will enter bypass mode.
We are not supporting macOS 12 Monterey at this time.
HARDWARE
CPU: 2GHz multi-core
RAM: 2GB
Disk Space: 500MB
+600MB if local scanning is enabled or using ThreatHunter.
Network Card: 100/1000 mbps
Additionally, Linux systems need 100 MB free space on the /opt partition and 4.1 GB free on the /var partition.
NETWORK
TLS: 1.2 or later
Minimum network usage during light use: 1k bytes/sec each for reads and writes
Primary port 443 and failover port 54443
The firewall or proxy should be configured with a bypass rule to allow outgoing connections over TCP/443 as well as Cb Defense's alternate port TCP/54443.