Send message to

Do you want to send the message without a subject?
Please note that your message can be maximum 1000 characters long
Special characters '<', '>' are not allowed in subject and message
reCaptcha is invalid.
reCaptcha failed because of a problem with the server.

Your message has been sent

You can find the message in your personal profile at "My messages".

An error occured

Please try again.

Make an appointment with

So that you can make an appointment, the calendar will open in a new tab on the personal profile of your contact person.

Create an onsite appointment with

So that you can make an onsite appointment, the appointment request will open in a new tab.

Make onsite appointment
Software New

Hall 7 / Booth Number 7-351

AURORA EDR Agent

Logo Nextron Systems GmbH

by Nextron Systems GmbH

Product Picture AURORA EDR Agent
Product Picture AURORA EDR Agent
Product Description

south_east

Product Expert

south_east

Categories

Managed security services Forensics Computer emergency response team (CERT) Threat analysis Anti-virus and malware protection APT protection Intrusion detection / prevention

Key Facts

  • 100% Transparency: You always know exactly why a rule triggered and can adjust that rule to your needs. Every rule has descriptions and references that explain the author’s intentions. No machine learning magic that generates tons of false positives.
  • Highly Customizable: Create and add your own rules and decide if AURORA should block certain activity. AURORA supports simulated blocks, offers a variety of pre-defined and custom response actions. Let AURORA report into your SIEM or your MDR service provider.
  • Minimal Network Load and Storage Costs: As the matching happens on the endpoint, AURORA transmits only a fraction of the data that other EDRs generate and transmit to their backends. Usually you’ll see less than 1% of the usual network load and storage used by log data collected from AURORA agents.

Product Description

The AURORA Agent is a lightweight and customisable EDR agent based on Sigma. It uses Event Tracing for Windows (ETW) to recreate events that are very similar to the events generated by Microsoft’s Sysmon and applies Sigma rules and IOCs to them. AURORA complements the open Sigma standard with “response actions” that allow users to react to a Sigma match.

It is everything that other EDRs aren’t.

It is completely transparent and fully customisable due to the open Sigma rule set and configuration filesit saves 99% of the network bandwidth and storageit works completely on-premises, no data leaves your networkit can be configured to use only a limited amount of resources.

AURORA runs completely on premise. Your confidential data never leaves your network.

 ... read more

Product Expert

close

This content or feature is available to the it-sa 365 community. 
Please register or log in with your login data.