Contact Us
Recon
Level Effect’s Endpoint Detection and Response (EDR) capability is the first and only endpoint solution that merges endpoint forensics with deep network traffic visibility.
Request Quote
Network Visibility is Key to Advanced Threat Detection and Response
Advanced cyber-attacks are designed to evade traditional prevention and detection techniques. While attackers try to disguise their activities, their packets ultimately cross the network. Network traffic analysis is a key component of threat detection, hunting, and response by providing deep visibility into the techniques attackers use to infiltrate a network.
Merge Data Silos with Unified Logs and Complete Visibility
Recon can see what is happening internally and externally to the protected endpoint to provide unparalleled visibility and detection of advanced threats that may be operating within the network. This blending of data provides context and illuminates anomalous activity.
Automate at the Source
The endpoint is the site of the crime, the source of the data we are hunting for. This is where the adversary exploits, pivots, and maintains access. Here is where Recon will identify and detect these threats with the ability to see both endpoint and network activity.
Managed Threat Hunting
Threat hunting is the process of searching through a network to find signs of compromise or intrusion that made it past preventative defenses. Using Recon, Level Effect will work alongside your IT & Security teams discovery, isolate and contain identified network threats.
No other capability provides the same level of network and endpoint visibility in a single solution.
Recon Features
Network logging from the endpoint perspective, distilled down to datapoints important to finding threats.
Utilizing the popular MITRE ATT&CK framework, Recon correlates system and network events to known adversarial behaviors.
Recon surveys endpoint systems for installed applications and patches, looking for vulnerabilities and missing updates.
Remotely task and remediate systems using WMIC, Powershell, and native Windows Commands.
Use Recon’s unique data and platform to conduct real-time forensics and hunt for threats in your network.
Request a Quote
Recon Frequently Asked Questions (FAQ)
What is the system resource impact by installing Recon?
Recon consumes 0-5% CPU and 10-40 MB of RAM depending on OS and network activity.
Does Recon open any new ports?
Recon does not open any new ports on the system. Recon uses port 443 over TCP for all communication
Where does collected data go?
Recon is a cloud-native solution. Collected data is transmitted to Recon's cloud platform on Amazon’s AWS. Currently, Recon does not have an available option for an on-premise data solution.
How does Level Effect protect collected data?
Collected data is encrypted on the workstation at rest, securely transmitted via TLS 1.3, and encrypted at rest once in the Recon analytic cloud.
How is Recon installed and configured?
Recon can be installed manually via local installer or deployed silently across the network via SCCM or similar deployment solutions. Recon does not require system reboots or any configuration to begin working.
© 2020 by LevelEffect.com
Privacy
Terms
Follow Us