FireTower Security Tasks
FireTower Security Software discovers and authenticates critical change events at endpoint computers and synthesizes discoveries to a centralized enterprise threat database maintained by the FireTower Server service.
Through this threat database, FireTower provides an interactive threat exploration interface with built-in analytics to hunt for indicators of compromise, to deliver comprehensive endpoint visibility and to enhance the detection and containment of malicious activities.
FireTower delivers the continuous monitoring capabilities using Cyber Console (CyCon) Dashboard for the enterprise security situational awareness.
- Monitoring from insider and advanced persistent threats
- Monitoring suspicious activities and attacks that penetrate the endpoint perimeter defense including Zero-day malware
- Determine suspicious and malicious software based on forensic data and analytics
- Determine at-risk systems in the enterprise and start incident response investigation and remediation
FireTower Client software to detect and contain incoming Zero-day malicious software in real-time based on the group specific security posture.
FireTower Endpoint Protection Profile for FireTower Guard Service:
- OFF: FireTower only monitors critical events & Guard Service is disabled
- NORMAL: Guard will block and quarantine RED and ORANGE events
- ELEVATED: Guard will block and quarantine RED, ORANGE and YELLOW events
- LOCKDOWN: Guard will block and quarantine all events except System updates