Endpoint Sensor is a powerful monitoring and investigation tool used to identify the presence, location, and entry point of threats. Through the use of detailed system event recording and historical analysis, you can perform Historical Investigations to discover hidden threats throughout your network and locate all affected endpoints. Generate Root Cause Analysis reports to understand the nature and activity of the malware since the threat entered the endpoint.
You can also perform Live Investigations through the use of shared IOC files and YARA rules. Live Investigations conduct in-depth searches of endpoints to locate previously unidentified threats and possible Advanced Persistent Threat attacks.