Multiplatform coverage
ESET Enterprise Inspector supports Windows and macOS, which makes it a perfect choice for multiplatform environments.
Threat Hunting
Apply data filters to sort it based on file popularity, reputation, digital signature, behavior or contextual information. Setting up multiple filters allows automated, easy threat hunting, including APTs and targeted attacks, which is customizable to each company’s environment. By adjusting behavior rules, ESET Enterprise Inspector can also be customized for Historic Threat Hunting and “rescan” the entire events database.
Open architecture and integrations
ESET Enterprise Inspector provides a unique behavior and reputation-based detection that is fully transparent to security teams. All rules are easily editable via XML to allow fine-tuning or easily created to match the needs of specific enterprise environments, including SIEM integrations.
Investigation and Remediation
Use a built-in set of rules or create your own rules to respond to detected incidents. Each triggered alarm features a proposed next step to be performed for remediation. This quick response functionality helps to ensure that any single incident will not fall through the cracks.
Company Policy Violation Detection
Block malicious modules from being executed on any computer in your organization’s network. ESET Enterprise Inspector’s open architecture offers the flexibility to detect violations of policies about using specific software like torrent applications, cloud storage, tor browsing or other unwanted software.
Scoring
Prioritize the severity of alarms with scoring functionality that attributes a severity value to incidents and allows the admin to quickly identify computers with a higher probability of a potential incident.
Data collection
View comprehensive data about a newly executed module, including time of execution, user who executed, dwell time and attacked devices. All data is locally stored to prevent sensitive data leakage.