Endpoint Detection and Response

  • DriveLock EDR helps where prevention through EPP (Endpoint Protection Platform) ends
  • Recognizes and remediates security incidents before major damage occurs
  • Automates routine work of your IT security
  • Adapts flexibly to your IT security strategy
  • Integration into other systems such as Security Information and Event Management (SIEM) for further processing
  • DriveLock combines all its solutions, Data Protection, Endpoint Protection, EDR and Identity & Access Management in its Zero-Trust platform

Prevention, Comprehensive Defense and Response to Security Incidents

Comprehensive prevention measures and security solutions make life significantly harder for attackers. BUT: they do not provide a 100% guarantee of security.

If an intruder manages to break into your system anyway, you should be able to detect this as soon as possible. 

Detecting and responding quickly to threats is critical to effectively averting major damages. 

With Drivelock Endpoint Detection & Response (EDR) you can upgrade your IT security and transform your security strategy from only prevention to detection and response! 

Detection and containment of security incidents, rather than only file-based malware.

Security incident investigation and threat hunting.

Provision of response options for recovery after a security incident.

Prediction of potential security breaches (e.g. the current security status of an endpoint is displayed and advice is given on how to avoid threats).

The DriveLock EDR Solution is Comprehensive

To increase IT security, you also need functions that monitor, alert – should a break-in occur – and make predictions. DriveLock supports these features.

The EDR solution enables more effective cleanup and remediation after an attack.

Reaction to incidents and forensic investigations. EDR provides IT security teams and forensic investigators with the necessary information to perform their analysis.

The EDR solution enables more effective cleanup and remediation after an attack.

A combination of whitelisting & blacklisting with recognition possibilities from analysis.

DriveLock EDR in Action

Dashboard, event filter definition and response definition

DriveLock Event Settings - more than 600 events

    • More than 600 events are detected, correlated and evaluated on the endpoints
    • Response options can be flexibly defined
    • Automation of alerts and defensive reactions 

DriveLock Operations Dashboard

  • Web-based interface for investigation, threat-hunting and reaction to attacks
  • Condition-based security incidents can be viewed centrally
Scroll to Top