CISO

Boost your cyberdefence now

Request a demo

An integral part of your cyberdefence

Effective against emerging threats and active attacks, including ransomware

1 — Proven and recognised performance

Certified by the French National Cybersecurity Agency (ANSSI), HarfangLab EDR is now deployed for the protection of the most critical environments (national defence, major companies in the defence, health and new technology sectors).
Visa ANSSI —  HarfangLab —cybersecurité

2 — Easy and fast integration

Multi-platform support (Windows, Linux by the end of 2021).

Integrates with your other existing technologies such as NDR, SIEM or SOAR and other cybersecurity solutions, as well as with Threat Intelligence databases, to better federate security logs. 

Instant deployment: less than 10 seconds per agent, and without the need to reboot.  

The lightweight agent offer maximum protection without slowing down your business.

3 — Respect of confidentiality

HarfangLab EDR is coded in a very robust programming language, RUST, offering both high computational speed and enhanced security.

Tailored to the level of confidentiality required by your business: on-demand trust architecture, deployed in the cloud or on premises, connected to the Web or not.

HarfangLab is a French software vendor, certified “Cybersecurity Made in Europe” and not subject to any non-European jurisdiction.

Always on access to all collected data for your organisation, both for forensic analysis and for other benefits beyond cybersecurity.

Retain ownership of your data.

Don't miss the attack

Monitor, detect and investigate threats

1 — Monitoring tool

Excellent visibility into an installed base as vast as 100,000+ endpoints.

The user interface allows you to see the big picture and to drill down to what you really need to know about your assets.

Don't get overwhelmed by too much information, only analyse the most critical events.

2 — Powerful detection

Automatically detects anomalies through real-time behavioural analysis on all endpoints in your organisation.

Incorporates five complementary detection engines, including our AI engine, for multi-layered security.

The engines can be configured to meet your specific needs.

Prioritises threats based on the Mitre ATT&CK matrix.

Correlates events across the entire organisation to understand compromises.

Manage the crisis

And protect your business

1 — Security assessment

Review all alerts associated with a runtime environment to readily qualify malicious behaviour.

The mapping to the Mitre ATT&CK framework facilitates a quick response to an alert.

2 — Investigation

Intuitive, yet advanced investigation functions to enable your security analysts to examine the IOC on compromised devices or identify suspicious behaviour on the system.

For each newly created process on an endpoint, visualise the disassembled code.

Capture endpoint memory to gather additional evidence. Peform threat hunting and forensic analysis on past events by archiving data over several months.

3 — Remediation

Isolate and contain compromised endpoints to stop attackers from moving laterally. Process blocking rules prevent an attack technique from being used on all endpoints.

Eliminate the threat with expertly designed remediation rules that can be applied on demand to all or some endpoints. They adapt to the investigations carried out.

Capitalise on your experience by enriching your SOAR's investigation and remediation playbooks.

The cornerstone of your cyberdefence

Demo