IBM Qradar EDR - ReaQta

Traditional endpoint security, including antivirus and signature-based protection, may not be enough. And yet, as seen through the rise of extended detection and response (XDR), endpoints are critical to broader visibility across the enterprise, whether in cloud, on servers or elsewhere. With XDR here to stay, endpoint security should evolve to keep pace.

ReaQta leverages exceptional levels of intelligent automation and AI to help detect and remediate known and unknown threats in near real time. With deep visibility across endpoints, it combines expected features, such as MITRE ATT&CK mapping and attack visualizations, with dual-engine AI and automation to propel endpoint security into a zero trust world.

 

Benefits

Undetectable by design

Undetectable by design
NanoOS, a unique hypervisor-based approach, works outside the operating system, providing deep visibility into processes and applications running on endpoints.

Continual learning and improvement

Continual learning and improvement
Automated, AI-powered threat detection and threat hunting includes telemetry from indicators that can be customized for proprietary detection and granular search.

Near real-time response

Near real-time response
Guided and autonomous remediation can simplify and speed response, freeing up analysts’ time. The cyber assistant learns from analyst decisions, then retains behaviors to reduce false positives.

Tailor-made threat hunting

Tailor-made threat hunting
Custom detection strategies — beyond “out of the box” models — help address compliance or company-specific requirements without the need to reboot the endpoint.

 

 

Behavioral tree

Behavioral tree

A behavioral tree provides full alert and attack visibility.
Behavioral tree storyline

Behavioral tree storyline

A user-friendly visual storyline is automatically created as an attack unfolds, including mapping to MITRE ATT&CK, for full visibility.
Cyber Assistant alerts

Cyber Assistant alerts

The Cyber Assistant, an AI-powered alert management system, can autonomously handle alerts, reducing analysts’ workloads.
Cyber Assistant recommends

Cyber Assistant recommends

The Cyber Assistant learns from analyst decisions, then retains the intellectual capital and learned behaviors to make recommendations and help reduce false positives.
Custom detection strategies

Custom detection strategies

Detection Strategy (DeStra) scripting allows users to build custom detection strategies — beyond preconfigured models — to address compliance or company-specific requirements without the need to reboot the endpoint.

 

Features

 

Lightweight endpoint agent

The agent, which uses less than 1% of CPU, is undetectable by design.

Multiple Deployment Options

Deploy in Cloud, on Premises, or in air-gapped environments.

Multi-tenancy for MSSPs

Enable easy customer management and reporting on one console.

 

Read the reports