Vir.IT Cloud Console & EDR

Advanced Cyber Security services for Endpoint protection

TG Soft has also integrated advanced Cyber Security services with E.D.R. (Endpoint Detection & Response) into the Vir.IT eXplorer PRO AntiMalware Suite.

This type of service, integrated into the Vir.IT eXplorer PRO suite, helps companies manage all devices more efficiently and increases security through advanced endpoint monitoring and management, to prevent sophisticated or new-generation attacks such as Ransomware attacks or targeted A.P.T. (Advanced Persistent Threat) attacks.

Why use the Vir.IT Cloud Console & EDR?

Active in a few steps

Additional services available on your license of Vir.IT eXplorer PRO, no additional hardware or software to configure.

Easy and intuitive

Easy and intuitive dashboard with secure access via app-based 2FA, usable wherever you are, whether on a PC or smartphone.

Complete monitoring of the endpoints

Monitor the security of all your devices from a single panel and receive instant alerts via email.

Vir.IT eXplorer PRO + Cloud Console

Vir.IT Cloud Console is the new Cloud console for technicians and systems engineers. It lets you monitor all the Endpoints where Vir.IT eXplorer PRO is installed, either in Standalone mode or via Vir.IT Console Server/Client, with wider control, continuous monitoring and the possibility to activate instant alerts that allow you to prevent future or current cyber attacks.
The Cloud Console service allows you to analyze the logs and reports of the following Vir.IT eXplorer PRO modules:
  • Autorun: Reports regarding the Intrusion Detection system for monitoring the persistence of threats and programs placed in automatic execution.
  • Options: Antivirus settings/configurations.
  • AntiRansomware: Alerts regarding AntiRansomware protection with detailed information about the blocked process and the files involved.
  • AMSI: Alerts regarding the Vir.IT AMSI (AntiMalware Scan Interface) module, a feature introduced by Microsoft in Windows 10 which allows real-time analysis of specific operations performed by the system, enabling threat detection at the initial stage of the infection chain even in the case of new generation threats.
  • SHELL: Alerts regarding the Vir.IT SHELL module, an interface for monitoring activities via Windows SHELL functions. This plugin allows you to detect next-generation threats through heuristic control and in the Cloud. It interfaces with email clients to check for malicious attachments or links when they are opened.
  • WebFilter: Module for analysis of web browsing and DNS resolution.
  • Real Time Protection: Alerts from the real-time protection system (Vir.IT Security Monitor).
  • Report Scans: Report on on-demand scans started on computers.
  • Vir.IT Outlook Addin: Alerts regarding the Vir.IT Outlook Addin module, available only for 32bit Microsoft Outlook © email clients. This tool checks the email messages.
  • Updates: Report on the status of Antivirus updates on PCs/SERVERS.
Vir.IT Cloud Console & EDR adds EDR functionality which allows proactive monitoring of suspicious events and a faster response to security incidents. The EDR service offers, in addition to all the features present in Vir.IT Cloud Console, the following additional features:
  • Endpoint Sensor: Connections between processes running on the device and IP connections made by the process itself.
  • RDP: Report of RDP connections made on devices.
  • Processes: Report of the processes started on the device and considered by Vir.IT eXplorer PRO as potentially dangerous.
  • AMSI: Report of suspicious operations identified by the Vir.IT AMSI module (AntiMalware Scan Interface).
  • SHELL: Report of suspicious operations identified by the Vir.IT SHELL module.

Functionality included in both services

Alert

Email alerts on certain categories of activity found in monitored endpoints:

  • Vir.IT uninstallation
  • Disabling real-time protection
  • Failure to load real-time protection
  • Reports from the AntiRansomware module
  • Failure to update the Antivirus
  • Execution of processes considered suspicious by Vir.IT EDR

Info System

Endpoint “System Info” report that provides information about device configuration, such as Windows updates, Windows firewall, etc., the list of active shares on the device, Antivirus protection status and the update status of the most well-known software (e.g. Java, Adobe Reader, Browser, etc.).

PC and Group List

List of devices paired with the license, with a quick view of PC name, OS and MAC address.
Color-coded indication of the device's security status and the possibility to add notes.
Divide PCs/SERVERS into GROUPS for better organization and management.

TG Soft Cyber Security Specialist offers a remote SOC support service for the analysis and verification of reports/information reported by Vir.IT Cloud Console & EDR through its specialized IT technicians. With the remote SOC support service, our Researchers & Malware Analysts, with decades of experience, will support the analysis activity of the company's SOC to better integrate the prevention and mitigation of cyber attacks.

Integrate the company SOC with our highly specialized support service: our IT researchers will increase company security, working alongside the IT team to prevent cyber attacks and minimize IR (Incident Response) activity and recovery times.


C.R.A.M. TG Soft

Vir.IT eXplorer PRO is certified by the biggest international organisation: