Solutions for IT Security:

Incident Response and SOC Operations

1E’s real-time threat hunting and incident response capabilities enable you to react to breaches and vulnerabilities up to 300 times faster than our closest competitors. We also provide unparalleled visibility into all of your endpoint devices and the software they run, even for remote, non-VPN connected devices. Interoperability with multiple tools and other IT teams are crucial elements for a secure IT environment. Role based access controls and RESTful API features facilitate interoperability and automation. Ensure security without disrupting the business.

Incident Response and SOC Operations
Incident Response and SOC Operations

Protect
Harden your environment by changing the rules. Make RDP, SSH and other access protocols “on-demand”. It’s impossible to attack something that doesn’t exist. Improve patch success and blacklist processes to prevent malware execution.

Detect
Automate advanced detection capabilities and threat hunt in real time, across all of your endpoints.
With Tachyon, your response and remediation options are literally limitless. Kill processes, change settings, even quarantine devices on-demand.

Respond
Tachyon is an extensible platform, so in just a few minutes you can craft specific responses to specific incidents, as they happen. You can also leverage the community in the Tachyon Exchange to request help and extend capabilities when the need arises.

Use cases
Privileged Access On-Demand

Privileged Access On-Demand

Protect machines from unauthorized access (eliminating 3 of the top 5 attack vectors) and prevent unapproved change by making administrative rights and access protocols (RDP, SSH, etc.) available on demand for privileged users only. Enable RDP, SSH, etc. protocols and Administrative rights on a given endpoint in real time. Integrate with change control so that access to a system is only possible for specifically approved users during approved change windows.

Discovery and Inventory

Discovery and Inventory

Identify all network connected devices. Gather in-depth detail of software, hardware and network connections. Discover unmanaged devices, and bring them under control. Populate your CMDB with the latest data. Perform SAM inventory. Understand relationships between devices, and extend inventory capabilities as required to gather additional details on-demand.

Real Time Investigation and Remediation

Real Time Investigation and Remediation

Massively reduce support cost and remediation times. Query and take action on one, many or all endpoints in seconds. Integrate with ServiceNow and other ITSM tools to embed real-time endpoint interaction with Incident management and self-service capabilities. Automate troubleshooting and remediation with Incident Templates. Enable advanced self-heal capabilities for end-users.

Endpoint DR

Endpoint DR

React to issues, ransomware and malware attacks in real time. Quarantine devices instantly to prevent lateral movement as soon as an incident is identified. Enable complete remote OS rebuild (while in Quarantine). Endpoint DR ensures you can move faster than malware and rapidly recover those machines were initially impacted.

Patch Management

Patch Management

Get improved, real-time visibility into patch status. Improve patch success by monitoring SCCM health and repairing issues with WMI or Agents as they arise. Use Directly install zero day and third-party updates. Increase speed, improve reporting and improve success rates.

Automated Phishing Response

Automated Phishing Response

Search endpoints to identify which have connected to URL’s and IP addresses which are known to relate to Phishing attacks. Integrate with ServiceNow SecOps to automate a full endpoint sweep in real time as part of Phishing Incident Response templates.

Blacklisting and Bitlocker control

Blacklisting and Bitlocker control

Leverage the power of Windows and other OS’s native security controls across the enterprise. Blacklist specific processes for specific users, or all users on all devices. Enable and disable process blacklisting on-demand in real time. Report on and control BitLocker across all Windows endpoints from a single console. Bring enterprise control to these endpoint-specific functions.

Agent replacement

Agent Replacement

Leverage the power of Tachyon to replace multiple agents. Replace several individual agents that provide subsets of Tachyon functionality. Reduce endpoint resource consumption and server infrastructure, as well as maintenance and subscription costs.

Get in touch
Want to know more? We’re here to help.
We’ve got support centers at 1E global HQ in London, and offices in New York and Delhi.
Interested in becoming a partner, or building solutions using 1E? Our partner community can help.
Help spread the word about stronger security using 1E.