Solutions for IT Security:
Incident Response and SOC Operations
1E’s real-time threat hunting and incident response capabilities enable you to react to breaches and vulnerabilities up to 300 times faster than our closest competitors. We also provide unparalleled visibility into all of your endpoint devices and the software they run, even for remote, non-VPN connected devices. Interoperability with multiple tools and other IT teams are crucial elements for a secure IT environment. Role based access controls and RESTful API features facilitate interoperability and automation. Ensure security without disrupting the business.
Harden your environment by changing the rules. Make RDP, SSH and other access protocols “on-demand”. It’s impossible to attack something that doesn’t exist. Improve patch success and blacklist processes to prevent malware execution.
Automate advanced detection capabilities and threat hunt in real time, across all of your endpoints.
With Tachyon, your response and remediation options are literally limitless. Kill processes, change settings, even quarantine devices on-demand.
Tachyon is an extensible platform, so in just a few minutes you can craft specific responses to specific incidents, as they happen. You can also leverage the community in the Tachyon Exchange to request help and extend capabilities when the need arises.
Guaranteed State from 1E provides the automation of configuration and security controls and lets you report on the current state of all your endpoints and their settings in real-time, with automatic remediation and notification in the event of configuration change.
Discovery and Inventory
Identify all network connected devices. Gather in-depth detail of software, hardware and network connections. Discover unmanaged devices, and bring them under control. Populate your CMDB with the latest data. Perform SAM inventory. Understand relationships between devices, and extend inventory capabilities as required to gather additional details on-demand.
Real Time Investigation and Remediation
Massively reduce support cost and remediation times. Query and take action on one, many or all endpoints in seconds. Integrate with ServiceNow and other ITSM tools to embed real-time endpoint interaction with Incident management and self-service capabilities. Automate troubleshooting and remediation with Incident Templates. Enable advanced self-heal capabilities for end-users.
React to issues, ransomware and malware attacks in real time. Quarantine devices instantly to prevent lateral movement as soon as an incident is identified. Enable complete remote OS rebuild (while in Quarantine). Endpoint DR ensures you can move faster than malware and rapidly recover those machines were initially impacted.
Get improved, real-time visibility into patch status. Improve patch success by monitoring SCCM health and repairing issues with WMI or Agents as they arise. Use Directly install zero day and third-party updates. Increase speed, improve reporting and improve success rates.
Automated Phishing Response
Search endpoints to identify which have connected to URL’s and IP addresses which are known to relate to Phishing attacks. Integrate with ServiceNow SecOps to automate a full endpoint sweep in real time as part of Phishing Incident Response templates.
Blacklisting and Bitlocker control
Leverage the power of Windows and other OS’s native security controls across the enterprise. Blacklist specific processes for specific users, or all users on all devices. Enable and disable process blacklisting on-demand in real time. Report on and control BitLocker across all Windows endpoints from a single console. Bring enterprise control to these endpoint-specific functions.
Leverage the power of Tachyon to replace multiple agents. Replace several individual agents that provide subsets of Tachyon functionality. Reduce endpoint resource consumption and server infrastructure, as well as maintenance and subscription costs.