Security Vision announces the launch of a new product, Security Vision EDR. This Endpoint Detection and Response solution is designed to detect, analyze, and prevent threats on endpoints. The product monitors activity on Windows and Linux hosts, identifying malicious activity based on event correlation directly at the endpoint level.
Architectural Feature
The solution's distinguishing architectural feature is agent-based correlation. This enables real-time attack detection without dependence on central infrastructure and reduces response delays.
Threat Response
Built-in automatic blocking mechanisms stop malicious activity promptly, before it spreads.
Manual response capabilities complement the automated mechanisms and allow operators to perform targeted actions within an incident.
Correlation Rules and Configuration
Security Vision EDR includes over 800 preconfigured correlation rules covering common attack techniques. A no-code editor lets you adapt them to your infrastructure, creating and modifying rules without programming.
Sensors and Telemetry
Flexible configuration of sensors and collected telemetry optimizes the balance between data completeness and system load.
Agent Infrastructure Management
Special attention is paid to managing the agent infrastructure. The system implements centralized agent distribution, availability monitoring, and stability analysis. Relevant metrics are presented on dashboards and in reports, simplifying operation and coverage monitoring.
Asset Management Module
The solution includes a fully functional asset management module that scans, identifies, and inventories hosts and services. This module allows you to create asset groups, classify them by role and criticality, and build a resource-service model for your infrastructure. This approach provides analysts with complete context during investigations: information about the significance of the affected asset, its segment affiliation, and its role in business processes becomes available, improving the quality of decision-making.
Key Features (Summary):
· Endpoint correlation;
· Over 800 correlation rules and a No-Code editor;
· Automatic blocking of malicious activity;
· Flexible sensor and telemetry configuration;
· Built-in asset management module;
· Agent status and availability monitoring.
Software Certification and Registry
Security Vision EDR is included in the Russian software registry (registry entry No. 364 dated April 8, 2016) and holds the following conclusions and certificates:
· Conclusion 149/3/6/908 of the 8th FSB Center dated October 1, 2024;
· Certificate of Conformity from the Federal Service for Technical and Export Control of Russia (FSTEC Certificate of Conformity No. 4964, dated August 19, 2025);
· Certificate of Conformity from the Ministry of Defense of the Russian Federation No. 7564, dated August 28, 2025, for Trust Level 2 (NDV-2);
· Certificate of Conformity from the OAC under the President of the Republic of Belarus No. BY/112 02.02. TP027 036.01 01673, dated December 6, 2024.
Security Vision will continue to develop its security ecosystem, providing customers with a full cycle of threat detection and response – from event monitoring to blocking attacks on endpoints. Security Vision EDR is now available for testing and implementation.