English

Yulevo Sentry -Endpoint Detection and Response (EDR)

Useful, good endpoint deep threat detection and response

Request Trial

Yulevo Sentry EDR is a new-generation enterprise-level endpoint security protection platform independently developed by Yulevo to help users build a data-driven endpoint risk management system, and deeply centered on endpoint threat intrusion detection and response scenarios.

https://static.yulevo.com/en-frontendcdn/assets/images/a506b3356b1d24475981ded02520bbbb.jpg

Challenges Overview Functions Advantages Case

Security Challenges

At present, endpoint security is facing severe attack challenges. Phishing attacks are relentless, virus variants emerge one after another, and mining Trojans are rampant. The rapidly evolving attack techniques and tactics as well as ever-escalating attack intensity are reshaping the new landscape of terminal confrontation in modern cybersecurity wars. It is extremely urgent to completely replace the traditional endpoint security defense systems with new systems.

Protection failure and
inability to cope with
advanced attack tactics

Advanced threats such as advanced persistent threats, fileless bypass technology and generative AI, attacks are spreading from production business to office terminals. It is difficult to find those highly covert and complex threats with traditional endpoint security detection methods.

Massive misinformation
and difficulty in confirming
real attack alarms

Over-reliance on single-point detection without global analysis leads to the amplification of detections to avoid false alarms, resulting in a massive volume of security alarms. The endpoint security lacks adaptive ability, making it difficult to integrate into complex user network environments and meet security traceability requirements.

Low compatibility and uneven
adaptation of information
technology application
innovation assets

The operating system and hardware adaptation of information technology application innovation terminals are not optimized sufficiently, which cannot give full consideration to resource consumption, terminal experience and security protection, and it is difficult to meet the unified security protection and management requirements of users' various types of terminals.

Inefficient management
and difficulty in full control
of the risk situation

It is difficult to continuously and dynamically detect the frequently changing terminal operation status and the risk indicators using traditional endpoint security and desk management tools, which makes it difficult for security teams to regularly detect the asset health status and respond to potential security threats in advance.

Product Overview

Yulevo Sentry EDR focuses on the endpoint security perspective, and has the capabilities of deep threat detection and multi-dimensional response covering the whole process of terminal asset risk detection, security judgment, threat analysis, event traceability and response handling, providing enterprises with a one-stop endpoint security closed-loop solution that can truly cope with new and advanced attack threats.

Product Functions

Through accurate intrusion detection, intelligent threat perception, agile response mechanism and detailed asset control capabilities, Yulevo Sentry EDR provides users with endpoint security protection that”cannot be bypassed, cannot be penetrated, can be blocked, and can be controlled”. Regardless of complex APT attacks, frequently mutated ransomware viruses, cleverly disguised phishing attacks, or mining Trojans spreading in a variety of ways, Yulevo Sentry EDR can accurately identify and quickly respond to them, ensuring that the risk of endpoint assets is clearly controllable, and that the threat of attack is revealed in its original form.

Advanced threat detection and response

Deep threat detection: Yulevo Sentry EDR sets detection anchor points for all attack positions in the whole attack path of hackers; it sets specific continuous detection points for the attack paths in combination with attack techniques, tactics and scenarios.

Professional attack traceability: With regards to all detected threats, the product provides detailed attack principles, attack methods, attack information and repair suggestions; it clearly marks the tactics and attack stages used by attackers, providing path-level event traceability.

Flexible and secure handling: The product supports automatic response combination configuration of multiple response elements, attack types, risk levels and other triggering conditions, making users' defense strategies more effective.

Ransomware protection

The Yulevo Sentry EDR end-side anti-ransomware scheme directly hits the pain point of ransomware attack, helping users build a systematic ransomware attack resistance ability of “normal, before, during and after events”.

The scheme successfully passed the V2.0 certification of the new-generation ransomware protection capability test system of SKD Labs, and Ni Guangnan, an academician of the Chinese Academy of Engineering, awarded Yulevo the first batch of “Starcheck” ransomware protection capability certificates, which indicated that the ransomware protection capability of Yulevo Sentry EDR end-side scheme reached the international level.

Endpoint phishing

Yulevo Sentry EDR provides comprehensive terminal phishing protection for enterprises, which can detect the running process, network and file behaviors, quickly find and block malicious credential theft, malicious phishing, malicious document execution and other behaviors.

Mining protection

The behavior of virtual currency “mining” will lead to a significant decline in the computing performance of the device. Attackers can control the zombie host infected with mining virus to carry out horizontal diffusion attacks in intranet, and even deliver ransomware into it to demand ransom.

Yulevo Sentry EDR can accurately identify and intercept the invasion of mining viruses and Trojans, intercept the mining program at the process level, block the callback of its mining pool,and ensure the endpoint security.

Virus detection and killing

Yulevo Sentry EDR integrates multiple virus detection and killing engines to realize one-time scanning and multi-dimensional detection, providing users with detailed detection and judgment information and professional handling suggestions, and improving the efficiency of secure operation.

The targeted optimization is conducted to mining Trojans, worm viruses, hacker tools, etc. by combining Yulevo's self-developed detection and killing engine, significantly improving detection accuracy.

Security control

According to the requirements of enterprise endpoint security management and regulatory compliance, Yulevo Sentry EDR has launched a security control module to meet the strict control demands of enterprises for external devices, software and files.

Asset ledger & risk situation

Yulevo Sentry EDR can help users automatically collect terminal information, form normalized asset ledger and change logs, help users establish a data-driven terminal risk management system, and provide effective data support for attack surface convergence, vulnerability fixing, system reinforcement and other security-related work.

When a security incident occurs, the asset ledger can quickly provide detailed information of the endpoint device, and help the security team quickly locate the source of the problem, and formulate emergency measures, effectively improving the security emergency response capability.

Product Advantages

Comprehensive attack
detection

Pass the authorized certification of SKD Labs, and deeply cover 99% of the attack technology points in ATT&CK® (v14) framework. Have many capabilities such as deep threat detection, AI function detection engine and intelligent noise reduction.
Quick threat
handling

Build a complete event correlation + event flow traceability capability based on the comprehensive asset ledger and original security event log data, and provide 30+ combined response handling means.
Clear asset
ledger

Quickly form an asset graph, dynamically perceive the changes of asset indicators, and deeply detect the “two highs and one weakness” (i.e. high-risk vulnerabilities, high-risk ports, and weak passwords) problems faced by the terminal.
Easy device
management

Fully cover mainstream Windows PC and domestic PC systems, and support unified deployment and management of terminal, host and container security systems.