HarfangLab EDR
Endpoint Detection and Response

Simplify the work of cybersecurity experts, anticipate threats and respond swiftly, for all OS, both as Cloud or On-Premises.

icon-40-grey-alert
Detect and block threats
icon-40-grey-peoplesettings
Optimize your analysis
icon-40-grey-hands
Take control of your cyber environment

HarfangLab EDR’s detection engines are embedded directly into the agents deployed on endpoints (workstations and servers), ensuring protection is as close as possible to the threat.

Both easy to install and scalable, HarfangLab EDR is engineered to maintain terminal performance and deliver reliable protection even when endpoints are disconnected from the network.

On-Premises & Cloud deployment with same functionalities
AI to detect unknown threats and enhance analysts' capabilities
Wide-ranging integrations for a perfectly tailored cyber stack
API available for close management of the working environment
Fine-tune threat intelligence & whitelists settings to efficiently reduce false positives
Access to all data for comprehensive exploitation, aggregation, & correlation

An EDR (Endpoint Detection and Response) is a security solution designed to protect endpoints, such as workstations and servers, through an installed agent that detects and mitigates threats. It not only identifies suspicious files but also monitors for malicious behaviour, indicators of compromise and more. The EDR can generate alerts or block threats while providing detailed information that allows for thorough investigation of the detected security events.

The EPP (Endpoint Protection Platform) is a security tool designed to provide broad threat protection, including features like antivirus, firewall and USB port protection. It can automatically block threats when it detects malicious files, unauthorised network connections, the connection of USB devices, etc. EPPs can also alert you to abnormal activity.

An EDR (Endpoint Detection and Response), however, focuses on detecting and responding to threats in real-time as a program is executed or by analysing system behaviour. It also collects data about security events to aid in analysing the threat and taking the appropriate response.

HarfangLab EDR employs various detection engines, including behavioural analysis and Artificial Intelligence, to identify and respond to threats that aren’t found in known threat databases.

All OS are supported: Windows, Linux and macOS. Our detailed documentation is available for more information.

HarfangLab EDR can be deployed in the Cloud or On-Premises infrastructure, offering the same functionalities in either environment.

Regardless of the deployment method, agents are installed directly on the endpoints and communicate with the console to share telemetry data and receive threat detection and blocking policies.

Updates require no endpoint reboots and, for On-Premises deployments, can be managed either remotely or on site.