Endgame’s secure platform is built on a tiered architecture that provides unprecedented protection of your endpoints. It includes a single lightweight agent, management server, cloud-based malware analysis sandbox, and access to third-party threat intelligence.
Prevention and Detection: No Cloud Required
All prevention and detection functions occur autonomously within our single lightweight endpoint agent. No communication to cloud-based services are required. No roundtrip time is wasted or customer data exposed by accessing cloud-based components for prevention and detection functions.
Threat Hunting: Secure Platform Analysis
Endgame alert triage and proactive threat hunting functions send endpoint data to Endgame’s secure platform for analysis. All data is encrypted and agent connections are mutually authenticated. Customers can submit files for detailed malware analysis in Endgame’s sandbox, Arbiter, located in Endgame’s private cloud.
Endgame never submits customer data to third parties, including binaries and executables, ensuring no customer data ever is made available to unauthorized parties. Endgame provides reputation data for files already determined to be malicious by the Endgame platform by querying third-party threat intelligence sources for file hashes only. This architecture uniquely protects enterprise endpoints and all data.