RevBits Endpoint Security V Sophos
Save Money: Malware and ransomware cost businesses thousands of dollars annually. Deploying endpoint software can help mitigate threats and save users money. Accenture reports that a cyber-attack can cost a company $2.4 billion on average, which Sophos mitigates by deploying preemptive defense tactics.

Top-rated Malware Detection: The product has received numerous awards from Gartner, Av-test.org, SE Labs and more. Users will receive a product that has won a Tech Innovator award from CRN, based on the uniqueness of its suite of features, which preemptively target malware and offer superior device and policy management.

Sophos Intercept X-EDR (SO) Data Sheet Features and RevBits Endpoint Security (EPS) match-up points:

SO: EDR combined with the strongest endpoint protection
RevBits EPS: Deploys a three-phased analysis of new executables, utilizes an advanced exploit detection and prevention engine, and provides the most functional EDR module available in both GUI and command line.

SO: Deep Learning Malware Analysis
RevBits EPS: Offers a lightweight and seamless sandbox for analyzing and classifying executables that are running on the endpoint, which further protects the network from malicious executables.

SO: On-demand curated threat intelligence from SophosLabs
RevBits EPS: Utilizes intelligence gathered by RevBits researchers and from other commercial threat intelligence feeds.

SO: Machine learning detection and prioritization of suspicious events
RevBits EPS: Is the only EPS solution which conducts a three-phased review of new executables, to include: 1. Signature Comparison, 2. Machine Learning Verification, 3. Behavioral Analysis.

SO: Guided investigations make EDR approachable yet powerful
RevBits EPS: EDR gives system administrators complete visualization of endpoints and any infection, including its origination and any spawned executions. With the visualization provided by RevBits EPS-EDR, administrators can carry out an extensive array of remediation and mitigation actions, such as a complete forensic investigation from either the GUI or the command line, covering: Process management (list, kill, force kill, dump memory), Registry Explorer (list, read, write, update), File Explorer (full filesystem), Memory dump, Disk/drive dump, Services/Drivers management, Anti-rootkit functionality.

SO: Respond to incidents with a single click
RevBits EPS: EDR allows system administrators to conduct a complete forensic investigation on a single workstation or on multiple workstations at one time.

1. Malware Detection and Blocking: RevBits EPS is the only EPS solution which conducts a three-phased review of new executables, to include: 1. Signature Comparison, 2. Machine Learning Verification, 3. Behavioral Analysis.

2. Prevent and Block Kernel Drivers: RevBits Endpoint Security currently holds two US Patents. Both US Patents are centered around RevBits technology to detect, analyze, and block kernel drivers - both signed and unsigned drivers.

3. USB Policy Control: RevBits Endpoint Security lets system administrators establish extensive USB device policy through its USB manager.

4. The Most Agile EDR Available: RevBits Endpoint Security's EDR allows system administrators to conduct a complete forensic investigation on a single workstation or on multiple workstations at one time.

5. Isolation for Security: RevBits Endpoint Security isolates new executables that are running on the endpoint for analysis and classification, which further protects the network from malicious executables.

6. Full command logging: RevBits Endpoint Security records all commands executed in PowerShell and command prompt on all workstations, including the source code of scripts (batch or PowerShell). Administrators can audit all scripts executed in the entire network in a matter of minutes.

7. Workstation level firewall rules: RevBits Endpoint Security allows administrators to define and manage host-level firewall rules. These rules can be automated to block network and/or internet access when a machine reports malicious activity.

8. Instant access to workstations and process history: RevBits EPS maintains the entire process hierarchy, hashes, username and workstation information of all executed processes on all workstations. With its custom live access system, administrators can query a single workstation for IoCs within a matter of seconds.

Why is RevBits Endpoint Security's EDR module so Agile and Capable?

Here are the top reasons:

1. Process Management with extensive details - view, kill, and launch processes.
2. Complete Registry Explorer - all within the browser with capabilities of Windows Registry Explorer.
3. Complete File Explorer - all within the browser with capabilities of Windows Explorer.
4. Manage Windows drivers and services with complete access (view/edit/delete/start/stop).
5. Automatic forensic artifact extraction.
6. Remote memory dump or process memory dump.
7. Remote disk and drive dump.
8. Remote shell access from both PowerShell and command prompt.
9. Inspect and analyze system startup entries.