EDR Solution

DONGHOON Itech is carrying out various businesses such as ICT consulting-based security.

What is EDR?

EDR is a concept rather than a single product. It is a methodology for endpoint security that has recently come to be recognized worldwide as necessary in order to overcome the technical limitations of traditional endpoint security solutions. It aims to secure the organization by gaining visibility and collecting forensic evidence that traditional endpoint security solutions cannot provide.

Why do we need EDR?

Typical endpoint security solutions include DLP and AV. They prevent the leakage of important information from within the organization and play a role in protecting the organization's digital assets from malware infection. However, despite the introduction and operation of these solutions, the organization's important digital assets are still being leaked or damaged by malicious code such as ransomware. Attempts to leak data from within the organization and the methods used by malicious code are becoming more intelligent and advanced. In other words, the limitations of existing traditional endpoint security solutions are being clearly exposed.

To address these shortcomings, the endpoint security methodology called EDR needs to be applied to the organization. Visibility is secured by collecting the execution log of every executable file run on the endpoint terminal and the lifecycle log of document files, which are unstructured data. On the basis of that visibility, leakage of the organization's digital assets can be monitored and controlled in advance, and if all behaviors of malicious code are monitored and controlled as well, the organization's endpoint security will improve.

What are its advantages?

Donghoon I-Tech offers the following solutions with EDR capabilities:
1. Digital Guardian, an EDR-based endpoint DLP solution that monitors and controls internal information leaks.
2. Trend Micro, which tracks, detects, investigates, and responds to threats faster with EDR to stop attacks.

• Digital Guardian is a next-generation endpoint-based DLP solution that offers EDR capabilities. Traditional DLP solutions provide the ability to inspect and control document content at the point where data leaves the endpoint. Digital Guardian, by contrast, provides greater flexibility and broader control than existing competing products because it monitors and controls data exfiltration based on the complete logs of all executable files running on the endpoint and the lifecycle logs of documents.

• Trend Micro Endpoint Detection and Response (EDR) combines continuous real-time monitoring, endpoint data collection, and advanced correlation capabilities to detect and respond to suspicious activity across hosts and endpoint connections. This approach allows security teams to quickly identify and correlate activity, enabling high-confidence detections with both manual and automated response options.
How does it help?

Donghoon I-Tech only offers solutions that optimize EDR capabilities.
1. Digital Guardian is a next-generation, log-based endpoint DLP solution that provides 100% visibility into structured and unstructured data.
2. Trend Micro EDR detects, tracks, investigates, and responds to potential threats within a security environment.

• Digital Guardian provides endpoint data loss prevention (DLP) for both incoming and outgoing data, based on EDR monitoring (collecting all structured and unstructured data logs) through a single agent. By also integrating device control, customers can dramatically reduce the number of agent-based security solutions they need. Through integration with network-based APT solutions such as Palo Alto and FireEye, it can carry out security actions on the endpoint on behalf of those solutions.

• Trend Micro EDR provides complete oversight of security-related processes on the endpoint. EDR's broad scope allows security teams to focus on issues in real time and observe all commands and processes in use on endpoints. This gives a comprehensive view of endpoint activity and makes it easy to respond to any anomalies that arise.