Remediation tools

Contain and eradicate threats, and restore your information system using HarfangLab’s EDR remediation capabilites.

Remediation tasks automation

Granular and targeted actions on the information system

Block threats automatically

To contain or eradicate threats, EDR detection engines can be configured in blocking mode or in detection, blocking, and quarantine mode. By configuring engines and detection rules, EDR can prevent a process from launching, kill it once launched, or quarantine files.

These different configurations ensure optimal protection based on your cybersecurity needs and context, and the maturity and stability of your detection rules.

Remediation tool for cybersecurity - Block threats

Isolate or remediate in the event of a security incident

When an alert is triggered, quickly isolate an endpoint, a group of endpoints, or an entire IT infrastructure – or directly remediate the threat to:

Prevent attackers from moving laterally
Stop control over the endpoints attackers have managed to take over
Limit the spread of an attack

Remediation tool for cybersecurity - Isolate threats

Your toolkit for responding to cyberattacks

If an attack or security incident is detected, HarfangLab is your toolkit for responding accurately and effectively to threats using preconfigured remediation jobs or scripts and executables that can be customized via Remote Shell:

Malicious file deletion or quarantine
Services or scheduled task deletion
Operations on registry databases
Process kill

Launch remediation jobs across your entire IT infrastructure, or on a selection of targeted endpoints.

Remediation tool for cybersecurity - toolbox

Find out more

edr hero-facilitez le travail des analystes

EDR: Endpoint Detection and Response

EDR with investigation tools

Cybersecurity - Workspace Security Platform

Cybersecurity: how EDR protects itself against attacks

As cyber-attack techniques become more sophisticated and increase in volume, so do the tools available to deal with them.