Trend Micro Endpoint Sensor uses a lightweight client to record endpoint activity and communication events at the kernel level. The sensor tracks these events in context across time, providing an in-depth history that can be accessed in real time by analysts.
Endpoints can be queried for specific communications, specific malware, registry activity, account activity, running processes, and more. Search inputs can be individual parameters, OpenIOC files, or YARA files.
Endpoint Sensor reports and records detailed system-level activities across Windows-based servers, desktops, and laptops regardless of location.
Using an XGen™ security blend of cross-generational detection techniques, Endpoint Sensor can search and discover targeted attacks.