Introduction to ESET Inspect
ESET Inspect combines all the powerful capabilities of its on-premises version with the ease of deployment, and virtually no maintenance requirements, of a cloud-delivered service. It is a culmination of ESET Endpoint detection technologies and know-how.
It has a fully transparent and customizable Rule Engine with nearly 1,000 rules, written by ESET's world-class malware researchers to detect threats and behavioral anomalies cross-referenced with the MITRE ATT&CK framework.
For response and remediation, ESET Inspect provides security professionals with a variety of features:
•Block executables
•Kill processes
•Isolate endpoints from the network
•Terminal remote shell
The following ESET business security solutions have been renamed:
All response actions can be triggered manually or automatically with pre-defined response scenarios.
Incidents are handled easily via its Incident Management system, and threat hunting is a breeze thanks to the powerful Indicator of Compromise (IoC) search and filtering.
ESET Inspect includes all of the key features and capabilities of ESET Inspect On-Prem, slightly adjusted to fit the needs of cloud-based management.
•Multiplatform support (Windows, macOS, and Linux) allows virtually any endpoint to be monitored, completely protecting an organization regardless of its platform type.
•ESET Business products version 6 and later are supported.
•License management is done entirely in ESET Business Account. Create a new ESET PROTECT and ESET Inspect instance. A single instance supports up to 25,000 endpoints.
•The dashboard does not contain Server status and Events load tabs (no maintenance is required).
•The Settings section contains fewer configuration options than the ESET Inspect On-Prem version, as there is no need for ESET Inspect Database maintenance.
•The Settings section offers search engine integration, Rule learning mode, and an option to specify an ESET Inspect instance name.
•Data collection is configured to store the most important data. All data related to processes are stored, but the collection of low-level events is limited to suspicious ones.