In 2018, ESET launched ESET Enterprise Inspector (EEI), a sophisticated Endpoint Detection & Response (EDR) tool that monitors endpoint activity for suspicious processes and executables, and triggers alarms based on specific rules. EDR tools are a vital component of any enterprise security portfolio, monitoring endpoint events in order to ensure that no threat, no matter how advanced, goes undetected.
EEI is designed to complement ESET’s award-winning, multi-layered Endpoint Protection Platform. The combination provides a complete prevention, detection, and response solution that allows for quick analysis and remediation of any security issues in the network.
Now, ESET has introduced a brand-new version of EEI, delivering a series of upgraded features that add extra layers of protection while streamlining the user experience. Version 1.4 of ESET Enterprise Inspector introduces object tagging, a public REST API, and two-factor authentication (2FA) for login and macOS support, along with a range of other features.
The new version of EEI also brings support for macOS, one of the most requested features from ESET customers and partners alike. While the majority of endpoints tend to be Windows-based, many companies also have macOS users within their network, which means that multi-platform support is an absolute must-have for an EDR tool. This update means that EEI can now be deployed by those using macOS 10.12 (Sierra) or newer, together with our latest endpoint solutions.
Another major addition is the public REST API. The public REST API allows EEI to be integrated with other commonly used tools such as SIEM and SOAR, meaning that organizations that already use these tools as their central monitoring platform can also benefit from the great visibility and fast investigation capabilities offered by EEI.
One of the most powerful new features in EEI 1.4 is the ability to remotely invoke PowerShell on an endpoint without breaking the end-user’s workflow. PowerShell, a task automation and configuration management framework from Microsoft, can be used as a surgical instrument for investigation and remediation of an endpoint without having to rely just on the actions built into EEI. For example, instead of completely reinstalling an infected endpoint, an admin can go in and remediate only what is necessary to quickly restore a system to its desired state.
Object tagging makes it possible for users to tag all major objects within a network, from computers to tasks, policies, and detections. Imagine tags as virtual sticky notes or bookmarks that allow easy sorting and filtering of objects. Users can create their own tags and save them for easy future assignment, or even create multiple tags for one object so that it can be classified by multiple attributes.
Meanwhile, it is now also possible to use 2FA to log in to the EEI web console. EEI has a lot of powerful features that could be misused if they fell into the wrong hands, so using ESET Secure Authentication adds an extra layer of security when accessing your EEI web console, without any complicated setups or disruptions – it is as simple as a push notification to your phone.
On top of all of this, EEI also employs the MITRE ATT&CKTM knowledge base, helping IT professionals gain an accurate assessment of the digital threats to their businesses and ultimately providing improved endpoint protection.
To find out more about ESET Enterprise Inspector, please follow this link.