Endpoint Controls

With Endpoint controls, you can secure frequently exploited points of access on an endpoint, such as removable devices or incoming/outgoing connections. Endpoint controls allow organizations to enhance security posture, protect environments against a variety of threats, and reduce the attack surface.

Note

You can add the Endpoint controls feature to your instance of the Cybereason platform for an additional cost. For information on how to use this feature, see Enable Endpoint controls below.

The Endpoint controls feature is supported on Windows endpoints only. For details on supported platforms, see Endpoint machine prevention features.

Watch this video to learn how Endpoint controls can protect your organization.

How do endpoint controls protect my organization?

The Endpoint controls feature includes the following options:

  • Device control to restrict the access of external storage devices, which may be used to infect endpoint machines with malicious files or to exfiltrate sensitive data.

  • Personal Firewall Control to reduce network communication risks by restricting incoming and outgoing connections.

  • Full disk encryption visibility to identify endpoints that are not running full disk encryption and are potentially vulnerable to data compromise.

Endpoint Controls Screen

Endpoint controls allow you to configure Device control and Personal firewall control settings for a specific policy. Sensors that are assigned that policy adopt these settings. For more information about managing policies, see Sensor Policies.

Note

While the Device control and Personal firewall control options are managed in the System > Policies management screen, full disk encryption detection is currently available as part of a query in the Investigation screen. In future versions, full disk encryption visibility will also be visible in the Policies management screen.

Enable Endpoint controls

To enable and configure Endpoint controls:

  1. Contact your Customer Success representative to purchase the Endpoint controls feature.

  2. Contact Technical Support to enable the feature so that it is visible in the Cybereason UI.

  3. Once you can view the Endpoint controls option in the menu under System > Policies management > Create/Edit Policy, you can configure the Endpoint control options.

    For more details, see:

Note

If you are upgrading from a version earlier than version 19.2, follow steps 1-2 above, even if your organization has the NGAV package.