Actu
Nucleon Security introduces Remote actions, Remediation and Rollback features in its EDR last version
June 2020 by Marc Jacob
In addition to its core detection and response capabilities, Nucleon Security’s EDR Nucleon Smart Endpoint, integrates henceforth Remote Actions, Remediation and Rollback features. The recently added features will enhance SecOps teams’ post-incident capabilities.
Remote Actions features will allow the Incident response teams to investigate more efficiently using a large range of commands such as process memory and logs dumping. Nucleon Security have chosen to not implement a full remote shell and restrain the commands to be executed from its EDR management console for security reasons.
Remediation features will help SecOps teams, system administrators and all IT infrastructure security stakeholders return to a resilient system state after an attack. By using deep logging features, the stakeholders can identify the root cause of the attack and revert the system to the second before it occured.
Rollback features will allow all stakeholders to recover any corrupted or lost data following an attack. Data recovery after a ransomware attack is an example of Rollback features usage.
The core detection and response features, in addtion to the rest of all the attributes included in Nucleon Smart Endpoint last release, are meant to help SecOps teams and all IT infrastructure security stakeholders gain ground on cybercriminals providing them with all the tools to protect the value created by their organizations.
