SectionGuard is our cloud-managed, enterprise security platform for Windows endpoints. Living deep inside Windows, SectionGuard can monitor and detect a vast number of threats or irregularities in realtime.
Enterprise-grade endpoint-sensor. SectionGuard listens to everything happening on each workstation, laptop or server and feeds valuable information about processes behaviors to a remote log-server for analysis by the company security staff; SectionGuard knows which program did what and it even knows about many malicious behaviors and points these out as well. The result is unprecedented transparency of eg. a malware attack within the organization, helping staff to quickly identify infections and attacks that normally can go undetected for months.
Real Time Observation Language
SectionGuard is flexible and extendable, and its behaviour can be adapted with your own rules. You can alert when a process writes data to USB, when a process deletes more than N files per second, if a process does direct DNS requests. You name it.
SectionGuard can also react to observations. On a per process level, you can block network, disk access, or terminate processes based on thresholds or observations. In combination with the above, there are many possibilities.