ENDPOINT THREAT DETECTION

Detecting Attacks on Microsoft Systems

Download pdf

SGBox ETD

To increase the security of the Microsoft systems, SGBox is able to collect specific information from endpoints, where most of the targeted attacks are concentrated. SGBox provides a number of specific out-of-the-box correlation rules and dashboards to detect threats and generate automated responses to mitigate the risk of a data breach.

Enpoint Visibility

SGBox ETD provides deep endpoint visibility with the right insights to help security analysts to discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints.

SGBox Agent

SGBox Agent allows you to monitor and track system activities by saving them in the Windows event log. The data collected by the service increases Windows audit capabilities, allowing you to gather detailed information about processes and network traffic (such as DNS queries sent by an application).

Attack Techniques

SGBox maps possible attack techniques with Tactics, Techniques and Procedures (TTP) of the MITRE ATT&CK framework. ATT&CK catalogues the modus operandi of attackers starting from real cases, defines common terminology and widespread in many security products (including EDRs).

Rapidly Eliminate Threats

Integrated response capabilities eliminate threats to trusted states with the SGBox correlation engine.

Try it Now!

If you’re interested in learning how SGBox Endpoint Threat Detect can help you
to discover targeted attacks in your network, request a trial version today.
We’d be proud to show you what we can do.

Request a demo
1000
Projects
95
% of Renewals
50
% Annual Growth
50
Partners