Layers of Protection

The Cybereason platform provides several layers of protection to secure your endpoints. Each layer addresses a different type of threat. Together, they provide comprehensive security for your organization.

The following Cybereason protection features protect your environment from threats:

Modules of Protection

Protection Layer

Description

NGAV Anti-Malware - signature-based

NGAV Anti-Malware - signature-based protection analyzes the signatures of processes, files, modules, and so forth to find indicators of known malware (usually based on a known hash value). The Cybereason platform uses signature protection to detect and alert you to previously known malware.

NGAV Anti-Malware - artificial intelligence

NGAV Anti-Malware - artificial intelligence protection uses artificial intelligence and machine learning to analyze behavior for patterns of activity. By comparing that activity with known patterns of behavior, the Cybereason platform can detect and alert you to previously unknown malware.

Application Control

Application Control enables you not only to detect but also to prevent both known and unknown malware. After you analyze existing alerts of known and unknown malware, you can instruct the Cybereason platform to prevent the malware when it is found in the future. Application Control then not only detects the malware and alerts you to it, but also prevents it from running.

Dynamic behavioral Anti-Ransomware and PowerShell protection

Anti-Ransomware and PowerShell protection analyzes activity for indicators of both ransomware behavior (by both signature-based and behavioral analysis) and fileless malware, such as malware run using PowerShell. The Cybereason platform then uses the results of Anti-Ransomware and PowerShell protection to detect such activity, alert you to it, and prevent it, based on your selected configuration.

Exploit protection

Cybereason Exploit protection uses various security mitigation techniques to prevent attackers from successfully exploiting software vulnerabilities.

EDR

Cybereason EDR combines the full power of the Cybereason platform to collect and analyze all activity on every machine; generate evidence, suspicions, and MalOps to alert you to known malicious behavior; and potentially respond to or prevent such activity (depending on your needs).

XDR

Cybereason XDR enables you to collect log data from other parts of your organization without the need to install additional sensors. XDR works with the existing EDR framework to correlate all data from across your organization and give you visibility into areas of your organization’s network where you lacked visibility.

CWP

Cybereason CWP uses the full capabilities of the Cybereason platform to collect information from Docker containers and Kubernetes clusters to find malicious activity in containers or clusters. This data integrates with all other collected data to provide a fuller picture of your organization.

Note

NGAV features are optional. Cybereason recommends enabling NGAV features to achieve the highest level of protection.