Endpoint Security

Tayef offers you an endpoint security solution, through which you can confront the overall threat lifecycle to prevent the impact of attacks on endpoints. We take pride in ensuring the best endpoint security solutions by partnering with SentinelOne, as our trusted vendor, using SentinelOne NGEPP, EDR and Antivirus solutions.

It unifies prevention, detection and response in a fundamentally new approach to endpoint protection, driven by behavior-based threat detection and intelligent automation. By joining hands with SentinelOne’s, our approach addresses the entire threat execution lifecycle (pre-execution, on execution, and post-execution) to detect advanced malware, exploits and sophisticated attacks, and respond to any threat at machine speed. SentinelOne, is the only platform that helps in preventing each endpoint from any kind of attacks. It offers broad protection against various forms of attacks including:

a) Malware

  • Executables – Trojans, malware, worms, backdoors, payload-based
  • Fileless – Memory-only malware, no-disk-based indicators

b) Exploits

  • Documents – Exploits rooted in Office documents, Adobe files, macros, spear phishing emails
  • Browser – Drive-by downloads, Flash, Java, Javascript, VBS, IFrame/HTML5, plug-ins

c) Live/Insider

  • Scripts – Powershell, WMI, PowerSploit, VBS
  • Credentials – Mimikatz, credentials scraping, tokens

Features and Benefits:

  • Detection And Preventative Measures Are Performed On The Endpoint Device, And Agents Are All Connected To A Central Management Console
  • Agent Does Not Sit In-Line, As A Means Of Preserving Server Performance And Flexibility
  • Runs At Low Priority On The System, And Consumes Between 0%-4% Cpu Cycles
  • Extracts All Relevant Operations Data
  • Dynamic Behavior Analysis
  • Runs Sophisticated Pattern Matching Algorithms To Detect Malicious Behaviors
  • Mitigation
  • Highly-Scalable And Lightweight Agent-Based Solutions
  • Monitors All Activity At Both The Kernel Level And In User Space
  • Can Easily Restore Deleted Files, And Roll Back Modified Files To Their Previous Trusted States
  • Immunization
  • Provides A Layer Of Preemptive Protection By Leveraging Multiple Leading Cloud Reputation Services
  • Detailed, Real-Time Forensics

One of the most reported vulnerabilities originate from third-party apps and, since you have compliance mandates to uphold, patching isn’t merely optional. We make it easier for you by providing Ivanti’s Patch Management for SCCM, which is powered by Shavlik. This is a plug-in to SCCM, which helps in automating the procedure of deploying and discovering your third-party app patches, via SCCM console. SCCM Patch decreases the risks and offers you the time needed to support your core business goals.

Patch management remains one of the most effective means of thwarting attacks, including ransomware. The premise is simple: Reduce the known vulnerabilities in your environment to minimize the exploitable surface area. To protect against ransomware in particular, be sure to patch the operating systems, Microsoft Office, .NET, Adobe applications, the browsers and browser plug-ins. To that end, centralized patch management is key. Without a centralized solution, you need to rely on multiple individual updates from every software vendor. That becomes impossible to manage, it can degrade endpoint and network performance, and it assumes users aren’t turning off auto-updates and exposing you to risk.

Features and Benefits

  • Keeps Systems Updated And Free From Application And Configuration Vulnerabilities
  • Ensures No Management Or Patch “Blind Spots” With Comprehensive Coverage For All Major Platforms, OS Versions, And 3rd Party Apps
  • Maintains Detailed Inventory Of Both Physical And Virtual Systems For Audit Readiness
  • Lowers Admin Burden Via Continuous, Automated Policy And Task Enforcement
  • Facilitates Easily-Built Customized Remediation Specific To Individual Environments
  • Single Solution For Heterogeneous Environments
  • Simplified Entitled Content Rights Management Across Supported Entitled Platforms
  • Advanced Patch Deployment And Reboot Control
  • Policy Baselines For Automation Of System Management Tasks
  • Software Deployment And Removal
  • Power Management
  • Continuous Policy Enforcement Of Patches, Remediations And Configurations
  • Integration With Endpoint Management And Security Suite
  • Improves Operational Efficiency
  • Get More for Your Money by Importing, Managing, Syncing and Deploying Critical Patch Information by Utilizing Familiar SCCM’s Features and Workflows.
  • Patch More Without Consuming More Time By Downloading Patch Information, And Automatically Distributing Patches For Various Applications, Especially The Ones Most Vulnerable To Be Attacked.
  • Leverage Years Of Experience Creating And Deploying Patches And A Patching Database That Leads The Industry In Extensive Pre-Download Testing.

If you want to increase productivity, you must offer your users easier data access; most of the time, outside the network. However, this also increases the risk of malware and data loss through devices. We, offer Ivanti Device Control endpoint security solution. It is powered by Heat and offers scalable, effective protection which is best for virtualized or thin-client endpoints, fixed function assets and servers. This endpoint security solution enables you to instantly identify and secure endpoints to stop unauthorized usage of removable ports and devices. Moreover, it renders granular permissions to control access at device class (e.g., all USB flash drives), device group, device model and/or even unique ID levels; for instance, restrict access rights to a specific device of a company-approved model. It assigns permissions for authorized removable devices (such as USB sticks) and media (such as DVDs/CDs) to individual users or user groups; once in ‘enforcement mode’ only explicitly authorized devices/media/users are allowed access by default. The permission settings include read/write, forced encryption, scheduled/temporary access, online/offline, port accessibility, HDD/non-HDD devices and much more; can be set for individual and/or groups of users, machines, ports and devices.

Features and Benefits:

  • Per-Device Permissions
  • Device Whitelisting
  • Flexible Policy With Granular Control
  • Read-Only Access
  • Temporary/Scheduled Access
  • Offline Enforcement
  • Uniquely Identify And Authorize Specific Media
  • Context-Sensitive Permissions
  • Device Management
  • File Type Filtering
  • Data Copy Restriction
  • Extended Control Over Portable Devices
  • Detailed Forensics
  • Keylogger Detection And Enforcement
  • Policy-Based Encryption For Removable Storage
  • User-Enabled Encryption
  • Prevents Data Theft
  • Blocks Physical Malware
  • Enhances Security Policies
  • Secures Productivity Tools
+ Next Generation Endpoint Protection (NGEPP), Endpoint Detection and Response (EDR) and Antivirus

Tayef offers you an endpoint security solution, through which you can confront the overall threat lifecycle to prevent the impact of attacks on endpoints. We take pride in ensuring the best endpoint security solutions by partnering with SentinelOne, as our trusted vendor, using SentinelOne NGEPP, EDR and Antivirus solutions.

It unifies prevention, detection and response in a fundamentally new approach to endpoint protection, driven by behavior-based threat detection and intelligent automation. By joining hands with SentinelOne’s, our approach addresses the entire threat execution lifecycle (pre-execution, on execution, and post-execution) to detect advanced malware, exploits and sophisticated attacks, and respond to any threat at machine speed. SentinelOne, is the only platform that helps in preventing each endpoint from any kind of attacks. It offers broad protection against various forms of attacks including:

a) Malware

  • Executables – Trojans, malware, worms, backdoors, payload-based
  • Fileless – Memory-only malware, no-disk-based indicators

b) Exploits

  • Documents – Exploits rooted in Office documents, Adobe files, macros, spear phishing emails
  • Browser – Drive-by downloads, Flash, Java, Javascript, VBS, IFrame/HTML5, plug-ins

c) Live/Insider

  • Scripts – Powershell, WMI, PowerSploit, VBS
  • Credentials – Mimikatz, credentials scraping, tokens

Features and Benefits:

  • Detection And Preventative Measures Are Performed On The Endpoint Device, And Agents Are All Connected To A Central Management Console
  • Agent Does Not Sit In-Line, As A Means Of Preserving Server Performance And Flexibility
  • Runs At Low Priority On The System, And Consumes Between 0%-4% Cpu Cycles
  • Extracts All Relevant Operations Data
  • Dynamic Behavior Analysis
  • Runs Sophisticated Pattern Matching Algorithms To Detect Malicious Behaviors
  • Mitigation
  • Highly-Scalable And Lightweight Agent-Based Solutions
  • Monitors All Activity At Both The Kernel Level And In User Space
  • Can Easily Restore Deleted Files, And Roll Back Modified Files To Their Previous Trusted States
  • Immunization
  • Provides A Layer Of Preemptive Protection By Leveraging Multiple Leading Cloud Reputation Services
  • Detailed, Real-Time Forensics
+ Enterprise Patch Management

One of the most reported vulnerabilities originate from third-party apps and, since you have compliance mandates to uphold, patching isn’t merely optional. We make it easier for you by providing Ivanti’s Patch Management for SCCM, which is powered by Shavlik. This is a plug-in to SCCM, which helps in automating the procedure of deploying and discovering your third-party app patches, via SCCM console. SCCM Patch decreases the risks and offers you the time needed to support your core business goals.

Patch management remains one of the most effective means of thwarting attacks, including ransomware. The premise is simple: Reduce the known vulnerabilities in your environment to minimize the exploitable surface area. To protect against ransomware in particular, be sure to patch the operating systems, Microsoft Office, .NET, Adobe applications, the browsers and browser plug-ins. To that end, centralized patch management is key. Without a centralized solution, you need to rely on multiple individual updates from every software vendor. That becomes impossible to manage, it can degrade endpoint and network performance, and it assumes users aren’t turning off auto-updates and exposing you to risk.

Features and Benefits

  • Keeps Systems Updated And Free From Application And Configuration Vulnerabilities
  • Ensures No Management Or Patch “Blind Spots” With Comprehensive Coverage For All Major Platforms, OS Versions, And 3rd Party Apps
  • Maintains Detailed Inventory Of Both Physical And Virtual Systems For Audit Readiness
  • Lowers Admin Burden Via Continuous, Automated Policy And Task Enforcement
  • Facilitates Easily-Built Customized Remediation Specific To Individual Environments
  • Single Solution For Heterogeneous Environments
  • Simplified Entitled Content Rights Management Across Supported Entitled Platforms
  • Advanced Patch Deployment And Reboot Control
  • Policy Baselines For Automation Of System Management Tasks
  • Software Deployment And Removal
  • Power Management
  • Continuous Policy Enforcement Of Patches, Remediations And Configurations
  • Integration With Endpoint Management And Security Suite
  • Improves Operational Efficiency
  • Get More for Your Money by Importing, Managing, Syncing and Deploying Critical Patch Information by Utilizing Familiar SCCM’s Features and Workflows.
  • Patch More Without Consuming More Time By Downloading Patch Information, And Automatically Distributing Patches For Various Applications, Especially The Ones Most Vulnerable To Be Attacked.
  • Leverage Years Of Experience Creating And Deploying Patches And A Patching Database That Leads The Industry In Extensive Pre-Download Testing.
+ Device Control

If you want to increase productivity, you must offer your users easier data access; most of the time, outside the network. However, this also increases the risk of malware and data loss through devices. We, offer Ivanti Device Control endpoint security solution. It is powered by Heat and offers scalable, effective protection which is best for virtualized or thin-client endpoints, fixed function assets and servers. This endpoint security solution enables you to instantly identify and secure endpoints to stop unauthorized usage of removable ports and devices. Moreover, it renders granular permissions to control access at device class (e.g., all USB flash drives), device group, device model and/or even unique ID levels; for instance, restrict access rights to a specific device of a company-approved model. It assigns permissions for authorized removable devices (such as USB sticks) and media (such as DVDs/CDs) to individual users or user groups; once in ‘enforcement mode’ only explicitly authorized devices/media/users are allowed access by default. The permission settings include read/write, forced encryption, scheduled/temporary access, online/offline, port accessibility, HDD/non-HDD devices and much more; can be set for individual and/or groups of users, machines, ports and devices.

Features and Benefits:

  • Per-Device Permissions
  • Device Whitelisting
  • Flexible Policy With Granular Control
  • Read-Only Access
  • Temporary/Scheduled Access
  • Offline Enforcement
  • Uniquely Identify And Authorize Specific Media
  • Context-Sensitive Permissions
  • Device Management
  • File Type Filtering
  • Data Copy Restriction
  • Extended Control Over Portable Devices
  • Detailed Forensics
  • Keylogger Detection And Enforcement
  • Policy-Based Encryption For Removable Storage
  • User-Enabled Encryption
  • Prevents Data Theft
  • Blocks Physical Malware
  • Enhances Security Policies
  • Secures Productivity Tools