HEX DEREF X - Features and support
| #1039 Title: Endpoint protection Allowlisting vs detection-response Administrator |
05/20/2026 22:10 - 0 days 3 hours 10 minutes #1039 |
- Stop data breaches and ransomware attacks before they start: https://www.trendmicro.com/en_us/research/23/e/blackcat-ransomware-deploys-new-signed-kernel-driver.html
- Zero false positives as its trusted execution
- No disruptions to core operations
- No reputational damage
- There is no need to bring an expensive CIR team on site post-breach. And even then, the root cause may not necessarily be identified at the device level
The solution isolates unknown threats at runtime until they are analyzed, ensuring security across endpoints.
HEX DEREF ANTI-MALWARE X includes both allow-listing and detection-response capabilities. The solution can be configured to an allowlist-only mode, which makes it an ideal fit for environments such as educational institutions that use only Microsoft products.
The solution logs processes with their command lines and network connections into a local database without any restrictions. Depending on the settings, it can also send them to a centralized database across endpoints. This allows the SOC to perform threat hunting without limitations and, most importantly, to investigate any potential data breaches afterward at the device level.
- Zero false positives as its trusted execution
- No disruptions to core operations
- No reputational damage
- There is no need to bring an expensive CIR team on site post-breach. And even then, the root cause may not necessarily be identified at the device level
The solution isolates unknown threats at runtime until they are analyzed, ensuring security across endpoints.
HEX DEREF ANTI-MALWARE X includes both allow-listing and detection-response capabilities. The solution can be configured to an allowlist-only mode, which makes it an ideal fit for environments such as educational institutions that use only Microsoft products.
The solution logs processes with their command lines and network connections into a local database without any restrictions. Depending on the settings, it can also send them to a centralized database across endpoints. This allows the SOC to perform threat hunting without limitations and, most importantly, to investigate any potential data breaches afterward at the device level.
Post a comment
