Panda Security
  
WatchGuard’s endpoint security services have traditionally focused on extending network security to protect employees while off-network using DNS-level protection, multi-factor authentication, and some network security features – packaged together in our easy-to-buy WatchGuard Passport offering. With Panda’s comprehensive endpoint security platform, we’ve added endpoint protection AV services and innovative EDR capabilities – furthering our vision to deliver advanced threat detection and response functionality fueled by modern AI capabilities, behavior profiling techniques, and cutting-edge security event correlation, as well as additional operational benefits such as centralized management across network and endpoint security.
 

Panda Adaptive Defense 360 (AD360)

Panda Adaptive Defense 360 (AD360) is an innovative cybersecurity solution for desktops, laptops and servers, delivered from the cloud. It automates the prevention, detection, containment and response against any present or future advanced attacks, zero-day malware, ransomware, phishing, memory exploits and malwareless attacks, inside and outside the corporate network.
 
It differs from other solutions in that it combines the widest range of protection technologies (EPP) with automated EDR capabilities, thanks to one service managed by Panda Security experts, and delivered as a feature of the solution:
 
Thanks to its cloud architecture, the agent is light and does not impact the performance of endpoints, which are managed through a single cloud console, even when not connected to the Internet. Panda Adaptive Defense 360 integrates Cloud Protection and Management Platforms (Aether), which maximize prevention, detection and automated response, minimizing the effort required.
 
 

BENEFITS: Panda Adaptive Defense 360

Simplifies and minimizes the cost of advanced and adaptive security 
• Its managed services reduce the cost of expert personnel. There are no false alarms, no responsibility is delegated. 
• The managed services learn automatically from the threats. No time is wasted with manual settings. 
• Maximum prevention on endpoints. Operating costs are reduced practically to zero. 
• There is no management infrastructure to install, configure or maintain. 
• Endpoint performance is not impacted as it is based on a lightweight agent and cloud architecture.
 
Automates and reduces detection and exposure time (Dwell Time) 
• Prevents the running of threats, zero-day malware, ransomware and phishing. 
• Detects and blocks malicious activity in memory (exploits), before it can cause damage. 
• Detects malicious processes that slip past preventive measures. 
• Detects and blocks hacking techniques and procedures.
 
Automates and reduces response and investigation time 
• Automatic and transparent remediation. 
• Recovery of endpoint activity – immediate recovery of normal activity. 
• Actionable insights into attackers and their activity, speeding up forensic investigation. 
• Helps reduce the attack surface. Supports improvement to security posture and maturity.

CLOUD ADAPTIVE PROTECTION PLATFORM

The 100% Attestation Service monitors and prevents the execution of malicious applications and processes on endpoints. For each execution, it issues a real-time classification, malicious or legitimate, with no uncertainty, and without delegating to the client. All this is possible thanks to the speed, capacity, flexibility and scalability of AI and cloud processing. The service combines Big Data and multi-level Machine Learning, including Deep Learning, the result of the continuous supervision and automation of the experience, intelligence and accumulated knowledge of experts in security and threats at Panda Security’s Intelligence center.

The Panda Adaptive Defense 360 console incident timeline enables forensic investigation: the date a threat was first seen on the network, the names and number of endpoints affected, settings changes, and with whom it has communicated.

Workflow of the managed cloud classification service

ADVANCED AUTOMATED SECURITY ON ENDPOINTS 

Panda Adaptive Defense 360 integrates, in a single solution, traditional preventive technologies with innovative technologies for prevention, detection and automated response against advanced cyberthreats.
 
Traditional preventive technologies
• Personal or managed firewall. IDS.
• Device control.
• Multivector permanent antimalware and on-demand scan.
• Managed blacklisting/whitelisting. Collective intelligence.
• Pre-execution Heuristics.
• Web access control.
• Antispam & Antiphishing.
• Anti-tampering.
• Mail content filter.
• Remediation and rollback
 
Advanced security technologies
• EDR: continuous monitoring on endpoints activity.
• Prevention of execution of unknown processes.
• Cloud-based Machine Learning of behavior to classify 100% of unknown processes (APTs, ransomware, Rootkits, etc.)
• Cloud-based Sandboxing in real environments.
• Behavioral analysis and IoA detection (scripts, macros, etc.).
• Automatic detection and response to memory exploits. 

CLOUD MANAGEMENT PLATFORM: AETHER

The Aether platform and its cloud console, common to all Panda Security endpoint solutions, optimize the management of advanced and adaptive security inside and outside the network. 
 
Designed so that security teams focus solely on managing the cybersecurity posture of the organization, it minimizes complexity 
Unified cloud management platform: Aether 

BENEFITS OF AETHER IN:

Achieve greater value in less time. Simple to implement – immediate visibility 
 
• Deployment, installation and configuration in minutes. See the value from day one. 
• Lightweight multi-product and multi-module Panda agent. Cross-platform (Windows, Mac, Linux, Android). 
• Automatic discovery of unprotected endpoints. Remote installation. 
• Proprietary proxy technology, even on computers with no Web connection. 
• Traffic optimization, with proprietary repository/cache technology.
 
Easy to use, adapting to your organization 
 
• Intuitive Web console. Flexible and modular management. 
• Predefined and custom roles. 
• Detailed audit of actions in the console.
• Users with total or restricted permissions and visibility. 
• Security policies for groups and endpoints. 
• Hardware and software inventories and change log.
 
Facilitates monitoring. Accelerates response 
 
• Prioritized key indicators and dashboards. 
• Prioritized and confirmed alerts in your workflow. 
• Complete and actionable history of incidents: processes involved, source, dwell time, prevalence, etc. 
• Act on endpoints with a single click: restart, isolate, patch and scan, accelerating the response 
 

OPTIONAL MODULES: Advanced Reporting Tool

The reporting platform automates the correlation of the information generated by the execution of processes and applications on protected endpoints and their context, which Panda Adaptive Defense 360 collects and enriches in the Cloud Protection Platform. Panda Advanced Reporting Tool automatically generates intelligence on organization activity and enables the searching, correlation and configuration of alerts regarding events.

Advanced Reporting Tool (ART) incorporates dashboards with key indicators, search options and default alerts for three specific areas:
• Security incidents
• Access to critical information
• Application and network resource usage

Functions: Advanced Reporting Tool (ART)

Security Incident Information
 
Generate security intelligence by processing and correlating the events generated during intrusion attempts:
• Calendar charts showing the Malware, PUPs and Exploits detected over the last year
• Computers with most infection attempts and malware specimens detected
• Pinpoint computers with vulnerable applications
• Malware, PUPs and exploit execution status
 
ART includes widgets for Shadow IT, giving visibility of applications executed that may be beyond the control of the IT department:
• Most and least frequently executed applications
• Scripting applications executed (PowerShell, Linux shell, Windows cmd, etc.)
• Remote access applications executed (TeamViewer, VNC, etc.)
• Unwanted freeware applications executed (Emule, torrent, etc.)
 
 
Network Resource Usage Patterns
Track IT resource usage patterns to define and enforce security policies:
• Find the corporate and non-corporate applications running on your network
• Vulnerable applications running or installed on the network that may lead to infection or have an impact on business performance
• MS Office license control, used vs. purchased
• Applications with highest bandwidth consumption
 
Control Access to Business Data
Shows access to confidential data files across the network:
• Files most commonly accessed and run by network users
• Calendar charts and maps showing the data sent over the last year
• Find out which users have accessed specific computers on the network
• Countries receiving the highest number of connections from your network 
 