Introducing Open Source EDR
Comodo is proud to offer our EDR as open source because we feel strongly that as cyber-threats increase, every company should have access to this capability regardless of their budget or ability to purchase it.
We at Comodo believe in creating an open source cybersecurity platform where products and services can be provisioned and managed together. EDR is our starting point.
OpenEDR is a full-blown EDR capability. It is one of the most sophisticated, effective EDR code bases in the world, and with the community's help it will become even better.
the following components:
- the basic framework;
- components for per-process monitoring;
- the generic container for different kernel-mode components;
- the kernel component that hooks file system I/O requests;
- monitors process creation/deletion using system callbacks;
- monitors registry access using system callbacks;
- prevents unauthorized changes to EDR components and configuration;
- network filter for monitoring network activity.
Have questions about our OpenEDR open-source code? Join our open community! The community allows members to ask and respond to questions, interact with other users, and review topics related to OpenEDR.
OpenEDR allows you to enhance your existing EPP with actionable data to track suspicious activities related to ransomware, data breaches and malware.
- Injected DLL: libraries are available for different processes and hook API calls;
- Loader for Injected DLL: the driver component that loads the injected DLL into each new process;
- Controller for Injected DLL: the service component for interaction with the Injected DLL.
Ransomware, Data Breaches, & Malware
Proven to be the best way to convey this type of information,
provide more than just data, they offer actionable knowledge.
- We will tailor the group policy to your requirements including endpoint-specific policies for enhanced security
- Real-time visibility and continuous analysis are the vital elements of the entire endpoints
- Infinitely more telemetry data can be collected via fully customizable policies
- Protection against zero-day web threats, without hindering employee productivity.
- Detect 100% of unknown fileless threats with Comodo's intelligent file analysis engine.
- Apply our recommended policy, created upon an examination of threat behavior analytics.
- Attack vectors are shown on your dashboard, combined with file trajectory and process hierarchy.
- Process-based events are shown in a tree-view structure to help analysts better understand process behavior.
- Device trajectory details are provided with separate screens to drill down into devices for insight when investigating attack vectors.
Don't have the technical knowledge to set up OpenEDR? Get continuous real-time visibility of your endpoints with detection & response. Your IT team will be able to identify attacks with accurate root-cause analysis for effective remediation intelligence.