ESET Dynamic Threat Defense

[Trooper 65]

Hi all,

I am using ESET Endpoint Security at my job.  I know that there is ransomware protection built in.  I am wondering if adding ESET Dynamic Threat Defense will assist in helping us further protect our environment from ransomware etc?

Looking for some more information on this.  Also I am curious if there is a trial for this feature?  Any pricing info would be a help as well.

Thanks.

[FRiC 9]

I have a similar question. We bought "Endpoint Protection Advanced" couple years ago which seems to have turned into ESET Protect Entry. I upgraded to the latest ESET Protect 9 yesterday and now I have a useless Dynamic Threat Defense tab in my dashboard. The sales blurb looks interesting but how is it different from cloud based protection that I already have? More info? Trial?

[Marcos 5,074]

There is a difference between LiveGrid and ESET Dynamic Threat Defense. While LiveGrid provides information about recent threats and malicious urls to the product in short time intervals and enables the product to check the reputation of unknown files against cloud, EDTD submits files potentially carrying malware for a sandbox analysis in cloud and waits for a verdict. In the mean time access to the file can be temporarily blocked until the verdict is received.

This improves protection against any kind of malware, not only ransomware. However, in case of ransomware it's usually not that ESET would not detect the threat but an attacker gains administrator access, connects via RDP, disables or uninstall the AV and only then runs the ransomware when it cannot be blocked by the AV.

Therefore we recommend:
- enabling LiveGrid (both the reputation and feedback system)
- enabling detection of pot. unsafe applications (to prevent running legit applications that can disable or remove AV)
- setting up password protection
- using real-time protection and HIPS policies with default settings to lock the settings on clients
- enable SSL filtering
- keep all protection features enabled
- consider using ESET Dynamic Threat Defense (you can ask your local ESET distributor for a trial license)
- consider using EDR (ESET Enterprise Inspector) to monitor your network perimeter for suspicious operations that users may perform and react accordingly, if necessary.

Besides that, make sure to secure RDP. Use 2FA or disable connections from outside and use VPN instead. Also make sure that the operating system, other applications and antivirus are always up to date. Teach users to practice safe computing (avoid visiting dubious websites, open suspicious attachments, clicking suspicious links, etc).

In order to trial ESET Dynamic Threat Defense, you can click Learn more on the EDTD dashboard:

This will take you to ESET's web page where you select "Help me choose". After specifying more information about your environment and the way you want to manage endpoints, you will be presented with options to contact sales or "Try before you buy" which allows for creating a trial EBA account

[Trooper 65]

Thanks for this Marcos.  I will try reaching out to sales again.  I did last week but never heard back.

[MichalJ 434]

Hello @Trooper can you please let me know in a private message details about how you reached to them, and your public license ID? I Will try to search details of your case closer, and check, whether it was correctly received. And I will make sure, that you will hear back soon. Thank you.