Secure Endpoint – Protection Overview
Safeguard your endpoints from never-before-seen attacks with a single, cloud-delivered agent for endpoint protection, detection, and response.
Advanced malware and script-based cyber-attacks can bypass traditional antivirus with ease and potentially wreak havoc on your business or personal compute devices. To protect your endpoints, you need a solution that provides superior prevention and uses AI to continuously adapt to rapidly changing threats and outpace adversaries.
The EXOsecure Digital Spartan Service provides Cortex® XDR™ from Palo Alto Networks. The Cortex® XDR™ Endpoint Protection software for your compute and mobile devices provides everything you need to secure your endpoints. By analyzing files before and after they execute, it identifies the telltale signs of attacks, including zero-day malware, fileless attacks, and script-based attacks. You can quickly deploy the unified, cloud-delivered agent to your endpoints to instantly start blocking advanced attacks and collecting data for detection and response.
Eliminate Zero-Day Malware, Ransomware, and Fileless Attacks
The Cortex® XDR™ agent provides the most comprehensive prevention stack, thwarting every possible attack vector with a single agent by unifying multiple complementary engines:
• AI-based local analysis blocks malware before it can execute, using a local machine learning model powered by a comprehensive data set from global sources. The model is built on a unique agile framework, enabling continuous updates to ensure the latest local prevention is always available.
• Integration with cloud-based WildFire® malware prevention service brings deep inspection of unknown files, with intelligence automatically shared across your Palo Alto Networks endpoint agents, Next-Generation Firewalls, and cloud infrastructure.
• Behavioral Threat Protection blocks the stealthiest threats by recognizing the sequence of events associated with malware and fileless attacks. This engine examines the behavior of multiple related processes to uncover attacks, even if individual actions do not definitively signal malicious activity.
• Behavior-based ransomware protection safeguards your endpoints against ransomware by detecting processes attempting to modify or encrypt files, providing another layer of defense against covert ransomware.
Block Exploits by Technique to Shut Down Attacks Early
Adversaries often exploit system and application vulnerabilities to gain control of endpoints and install malware. To stay ahead of continually evolving exploits, the Cortex XDR agent identifies exploit techniques and methods rather than simply detecting exploits with signatures. By foiling each step of an exploit, it breaks the attack lifecycle and renders threats ineffective.
Cortex® XDR™ agents prevent exploits through multiple methods:
• Pre-exploit protection blocks reconnaissance and vulnerability-profiling techniques before adversaries launch exploits, effectively preventing attacks.
• Technique-based exploit prevention prevents known and zero-day exploits, without any prior knowledge of the threats, by blocking exploit techniques such as buffer overflow or DLL hijacking.
• Kernel exploit prevention blocks exploits that take advantage of vulnerabilities in the operating system kernel to create processes with escalated, system-level privileges.
The Cortex XDR agent also thwarts injection techniques used to load and run malicious code from the kernel, such as those used in the WannaCry and NotPetya attacks.
Quickly Discover and Investigate Threats with Cortex XDR
Deploying Cortex® XDR™ agents to your compute and mobile devices proactively blocks attacks and collects rich endpoint data for the EXOsecure Managed Cortex XDR portal, the category-defining enterprise-scale prevention, detection, and response platform that runs on endpoint, network, and cloud data to stop sophisticated attacks. A unified user interface facilitates management of alerts and incidents for detection and response as well as policies for the Cortex XDR agent.
The EXOsecure managed Cortex XDR portal speeds alert triage and incident response feedback to the customer by providing a complete picture of each threat and revealing the root cause automatically.
By stitching different types of data together and simplifying investigations, Cortex XDR reduces the time and experience required at every stage of security operations, from triage to threat hunting. Tight integration with enforcement points lets you respond to threats quickly and apply the knowledge gained from investigations to detect similar attacks in the future.