PolyLogyx Endpoint Platform
EDR Platform Unplugged
We provide a fully featured EDR product built on open standards and open source platforms, to allow for broader community participation. The OSQuery-based design allows the agent to be extended to other endpoint technologies from the community at large. The OpenC2 standard allows response commands to be issued across systems.
No New Console Required
We recognize that an MSSP or MDR ecosystem has diverse vendor systems, and many homegrown technologies. With an open framework both on the agent side and server side, the ability to incorporate new data sources and new data analytics or dashboards is endless without requiring a new console.
Save On Costs
With a configurable data flow and alert filtering, you can provision server and storage capacity only for the data you want. There are no duplicate repositories of data. Everything we design is focused on the MDR SOC requirements, the capital/operational/license costs and the MDR business margins.
Improve Resolution Times
Apart from multi-customer operations capability, the ability to automatically send commands to endpoints from your SIEM, network appliances or your console enables the SOC analyst to be more effective at unprecedented speed.
Effective SOC Analyst
Elimination of wasteful SOC activity results in faster time to resolution. An effective SOC Analyst is a happy SOC Analyst, which is critical for any SOC performance.
Incremental Revenue Opportunities
The agent-side and server-side open architecture allows endless integration potential with applications/data sources on the endpoint or with detection engines on the backend. It opens up new, higher-margin service offering possibilities such as context-aware monitoring in SCADA or hospital networks.
|Capability|Description|Windows Sysmon (Agent Only)|Traditional EDR Tools|PolyLogyx Endpoint Platform (On Windows)|
|Data Collection & Customization|Real-time event telemetry (file, process, network)| | | |
|Data Collection & Customization|Critical OS state change| | | |
|Log Aggregation|Single endpoint agent for any log aggregation, interrogation, real-time telemetry, and response action| | | |
|Data Aggregation|Distributed data storage choices| | | |
|Detection & Visualisation|In-box detection & matching (e.g. MITRE ATT&CK framework, dashboards)| | | |
|Live Investigation|Simplified query language to contextualise events across types| | | |
|Live Response|Ability to take response actions against threats| | | |
|Third Party Integrations|APIs for integration with SIEM/SOAR/Big Data platforms| | | |
|Multi-Customer SOC Operations|Multi-customer SOC APIs for investigations, forensics & hunting| | | |
|Extensibility|Non-security use cases (e.g. logs, device management)| | | |
Follow PolyLogyx on Github for updates, feature requests and other community fun.