Introduction to Comodo EDR
Comodo Endpoint Detection and Response (EDR) is a powerful event analysis tool that provides real-time monitoring and detection of malicious events on Windows endpoints. Endpoint Detection and Response allows you to visualize threats in a detailed timeline while instantaneous alerts keep you informed if an attack occurs.
EDR's cloud-based admin console can be accessed anytime using an internet browser.
- You can enroll for a free EDR account at https://edr.cwatch.comodo.com
- You can login to the EDR admin console at https://edr.cwatch.comodo.com/login
- You can also access EDR through your Comodo One/ Comodo Dragon / ITarian account. Login then click 'Applications' > 'cWatch EDR'.
- You must install the EDR agent on all endpoints you wish to monitor. After logging-in, click 'Download Agent' to get started.
Features
- Continuous threat monitoring of managed endpoints
- Advanced search capabilities for file hashes and detection
- Real-time visibility into what's happening in your environment
- Policy customization
- Unrivaled process timeline visualization
- Retrospective analysis of events
- Centralized cloud hosted architecture
- Human analysis of unknown file and event types
- Compatible with other endpoint security tools
Guide Structure
This guide is intended to take you through the configuration and use of EDR and is broken down into the following main sections. The guide can also be navigated using the bookmarks on the left.