SOLUTION OVERVIEW

Multilayered technology, machine learning and

human expertise working together in dynamic
equilibrium, provided by the #1 global endpoint
security partner from the European Union
What is an
Endpoint
Protection
Platform?
An endpoint protection platform (EPP) is
a solution deployed on endpoint devices
to prevent file-based malware attacks,
detect malicious activity, and provide the
investigation and remediation capabilities
needed to respond to dynamic security
incidents and alerts.

ESET’s endpoint protection solutions leverage

a multilayered approach that utilizes multiple
technologies working in a dynamic equilibrium,
which has the ability to constantly balance
performance, detection and false positives.
Why Endpoint
Protection
Solutions?
RANSOMWARE
Ransomware has been a constant
concern for industries across the
world ever since Cryptolocker
in 2013. Despite ransomware
having existed for far longer, it
was never previously seen as
a major threat by businesses.
However, now a single incidence
of ransomware can easily render a
business inoperable by encrypting
important or essential files.
When a business experiences a
ransomware attack, it can quickly
realize that the backups it has are
not recent enough, thus tempting
it to pay the ransom.
ESET’s endpoint protection
solutions provide multiple layers
of defense to not just prevent
ransomware but to detect it
if it ever appears within an
organization. It is important to
prevent and detect ransomware,
as every time someone pays
a ransom, it encourages the
criminals to continue to utilize this
mode of attack.
TARGETED ATTACKS
AND DATA BREACHES
Today’s cybersecurity landscape
is constantly evolving with new
attack methods and never-before-
seen threats. When an attack or
data breach occurs, organizations
are typically surprised that their
defenses were compromised or
are completely unaware that
the attack even happened. After
the attack is finally discovered,
organizations then reactively
implement measures to block
any similar attack from being
repeated. However, this does
not protect them from the next
attack, which may use another
brand-new vector.
ESET’s endpoint protection
solutions use threat intelligence
information based on their
global presence to prioritize and
effectively block the newest
threats prior to their delivery
anywhere else in the world. In
addition, our solutions feature
cloud-based updating to respond
quickly in the case of a missed
detection without having to wait
for a normal update.
FILELESS ATTACKS
Newer threats, called fileless
malware, exist exclusively in
computer memory, making it
impossible for file scanning-based
protections to detect them.
Furthermore, some fileless attacks
will leverage currently installed
applications that are built into
the operating system to make it
even harder to detect a malicious
payload. For example, the use of
PowerShell in these attacks is very
common.
ESET endpoint protection
platforms have mitigations in
place to detect malformed or
hijacked applications to protect
against fileless attacks. ESET has
also created dedicated scanners
to constantly check memory
for anything that is suspicious.
By utilizing this multilayered
approach, we make sure we
always stay one step ahead of the
newest malware.
ESET’s endpoint protection solutions provide multiple layers of
defense to not just prevent malware but to detect it if it ever
appears within an organization.

Newer threats, called

When an attack or data
fileless malware,
breach occurs, organizations
exist exclusively in
are typically surprised
computer memory,
that their defenses were
making it impossible
compromised or are
for file scanning-based
completely unaware that the
protections to detect
attack even happened.
them.

“ESET has been our reliable security solution for years. It does what it has
to do; you do not have to worry. In short, ESET stands for: reliability, quality
and service.”

—Jos Savelkoul, Team Leader ICT-Department; Zuyderland Hospital, Netherlands;

10,000+ seats
ESET’s endpoint protection solutions

ESET Endpoint Security for Windows/Mac/Android

ESET Endpoint Antivirus for Windows/Mac/Linux
ESET File Security for Windows Server/Linux/Azure
ESET Mobile Device Management for Android and Apple iOS
The ESET
Difference
MULTILAYERED PROTECTION
ESET combines multilayered technology, machine
learning and human expertise to provide our customers
with the best level of protection possible. Our
technology is constantly adjusting and changing to
provide the best balance of detection, false positives
and performance.
UNPARALLELED PERFORMANCE
A major concern for many organizations is the
performance impact of their endpoint protection
solution. ESET products continue to excel in the
performance arena and win third-party tests that prove
how light-weight our endpoints are on systems.

CROSS PLATFORM SUPPORT WORLDWIDE PRESENCE

ESET endpoint protection products support all OSes
including Windows, Mac, Linux and Android. All our
endpoint products can be fully managed from a single
pane of glass; mobile device management for iOS and
Android is fully built in as well.
ESET has offices in 22 countries worldwide, R&D labs in
13 and a presence in over 200 countries and territories.
This helps to provide us with data to stop malware prior
to it spreading across the globe, as well as to prioritize
new technologies based on the most recent threats or
possible new vectors.

ESET 58 mb
Symantec 153.2 mb
Trend Micro 392.6 mb Lowest network load among all tested vendors

Kaspersky Lab 595.1 mb

McAfee 977.2 mb
Sophos 2533.2 mb
Source: AV-Comparatives: Network Performance Test, Business Security Software

“The best testimony? The stats from our helpdesk: after

we introduced ESET, our support guys don’t log any
calls – they don’t have to deal with any antivirus or
malware-related issues!”
— Adam Hoffman, IT Infrastructure Manager; Mercury Engineering,
Ireland; 1,300 seats
The Technology
Our products and technologies
rest on 3 pillars

ESET LIVEGRID® MACHINE LEARNING HUMAN EXPERTISE

Whenever a zero-day threat such Uses the combined power of ESET’s world-class security
as ransomware is seen, the file is neural networks and handpicked researchers share elite know-how
sent to our cloud-based malware algorithms to correctly label and intelligence to ensure our users
protection system – LiveGrid®, incoming samples as clean, benefit from optimum, round-the-
where the threat is detonated potentially unwanted or malicious. clock threat intelligence.
and its behavior is monitored. The
results of this system are provided
to all endpoints globally within
minutes without requiring any
updates.

A single layer of defense is not enough for the constantly

evolving threat landscape. All ESET Endpoint Security products
have the ability to detect malware pre-execution, during
execution and post-execution. Focusing on more than a specific
part of the malware lifecycle allows us to provide the highest
level of protection possible.
MACHINE LEARNING
All ESET endpoint products have been using machine
learning in addition to our other layers of defense since
1997. Specifically, machine learning is used in the form
of consolidated output and neural networks. For a deep
inspection of the network, admins can turn on a special
aggressive machine learning mode that works even
without internet connection.
RANSOMWARE SHIELD
ESET Ransomware Shield is an additional layer that
protects users from ransomware. This technology
monitors and evaluates all executed applications based
on their behavior and reputation. It is designed to
detect and block processes that resemble the behavior
of ransomware.
IN-PRODUCT SANDBOX
Today’s malware is often heavily obfuscated and tries
to evade detection as much as possible. To see through
this and identify the real behavior hidden underneath
the surface, we use in-product sandboxing. With
the help of this technology, ESET solutions emulate
different components of computer hardware and
software to execute a suspicious sample in an isolated
virtualized environment.
ADVANCED MEMORY SCANNER
ESET Advanced Memory Scanner monitors the behavior
of a malicious process and scans it once it decloaks in
memory. Fileless malware operates without needing
persistent components in the file system that can be
detected conventionally. Only memory scanning can
successfully discover and stop such malicious attacks.
EXPLOIT BLOCKER
ESET Exploit Blocker monitors typically exploitable
applications (browsers, document readers, email clients,
Flash, Java and more), and instead of just aiming at
particular CVE identifiers, it focuses on exploitation
techniques. When triggered, the threat is blocked
immediately on the machine.
BOTNET PROTECTION
ESET Botnet Protection detects malicious
communication used by botnets, and at the same
time identifies the offending processes. Any detected
malicious communication is blocked and reported to
the user.
NETWORK ATTACK PROTECTION
This technology improves detection of known
vulnerabilities on the network level. It constitutes
another important layer of protection against the
spread of malware, network-conducted attacks, and
exploitation of vulnerabilities for which a patch has not
yet been released or deployed.
DNA DETECTIONS
Detection types range from very specific hashes to
ESET DNA Detections, which are complex definitions of
malicious behavior and malware characteristics. While
the malicious code can be easily modified or obfuscated
by attackers, the behavior of objects cannot be changed
so easily and ESET DNA Detections are designed to take
advantage of this principle.

HIPS UEFI SCANNER

ESET’s Host-Based Intrusion Prevention System
monitors system activity and uses a predefined set
of rules to recognize suspicious system behavior.
Moreover, the HIPS self-defense mechanism stops
the offending process from carrying out the harmful
activity.
ESET is the first endpoint security provider to add
a dedicated layer into its solution that protects the
Unified Extensible Firmware Interface (UEFI). ESET UEFI
Scanner checks and enforces the security of the preboot
environment and is designed to monitor the integrity of
the firmware. If modification is detected, it notifies the
user.

“The biggest thing that stands out is its strong technical

advantage over other products in the marketplace. ESET
offers us reliable security, meaning that I can work on
any project at any time knowing our computers are
protected 100%.”
— Fiona Garland, Business Analyst Group IT; Mercury Engineering, Ireland;
1,300 seats
ESET Security Management Center

All ESET endpoint solutions are managed from a single

pane of glass – ESET Security Management Center
– that can be installed on Windows or Linux. As an
alternative to installing, ESET has a virtual appliance
that you can simply import for quick and easy setup.
Use cases
Ransomware Zero-day threats
Some businesses want extra assurance that they will be Zero-day threats are a major concern for businesses
protected from ransomware attacks. because they have no easy way to protect against
something that they have never seen before.

SOLUTION
✓ Network Attack Protection has the ability to prevent
ransomware from ever infecting a system, by
stopping exploits at the network level.
SOLUTION
✓ ESET endpoint products leverage heuristics and
machine learning as part of our multilayered
approach to prevent and protect against never-

✓ Our multilayered defense features an in-product before-seen malware.

sandbox that has the ability to detect malware that

attempts to evade detection by using obfuscation. ✓ Our 13 global R&D labs allow us to respond quickly to
malware upon its first incidence anywhere across the

✓ Leverage ESET’s cloud malware protection system to globe.

automatically protect against new threats without

the need to wait for the next detection update. ✓ ESET’s cloud malware protection system
automatically protects against new threats without

✓ All products contain protection in the form of the need to wait for the next detection update.

Ransomware Shield to ensure that ESET users are

protected from malicious file encryption.

Fileless malware “When we found ESET, we

knew it was the right choice:
Fileless malware is a relatively new threat and, as it
exists only in memory, requires a different approach reliable technology, robust
compared to traditional file-based malware.
detection, local presence and
SOLUTION
excellent technical support,
✓ A unique ESET technology, Advanced Memory
Scanner, protects against this type of threat by everything that we needed.”
monitoring the behavior of malicious processes and
scanning them once they decloak in memory.
— Ernesto Bonhoure, IT
✓ Reduce data gathering and investigation time by Infrastructure Manager;
uploading the threat to ESET Threat Intelligence in
Hospital Alemán, Argentina,
order to provide information about how it functions.
1,500+ seats
✓ Multilayered technology, machine learning and
human expertise provide our customers with the best
level of protection possible.
About ESET
ESET – a global leader in information immediate, comprehensive protection
security – has been named as a against evolving cybersecurity
Challenger in the 2019 Gartner Magic threats for businesses and consumers
Quadrant for Endpoint Protection worldwide.
Platforms* two years in a row.
ESET is privately owned. With no debts
For more than 30 years, ESET® has been and no loans, we have the freedom to do
developing industry-leading IT security what needs to be done for the ultimate
software and services, delivering protection of all our customers.

ESET IN NUMBERS

110m+ 400k+ 200+ 13

users business countries & global R&D
worldwide customers territories centers

ESET EMPLOYEES ESET REVENUE

in million €
More than a third of all
ESET employees work in 510
Research & Development 1,580
400

300
700 200

100
2 0
1987 1997 2007 2018 1987 1997 2007 2018

*Gartner does not endorse any vendor, product or service depicted in its research publications. Gartner research publications consist
of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties,
expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
 SOME OF OUR CUSTOMERS

Protected by ESET since 2017 Protected by ESET since 2016

More than 14,000 endpoints More than 9,000 endpoints

Protected by ESET since 2016 ISP security partner since 2008

More than 4,000 mailboxes 2 million customer base

SOME OF OUR TOP AWARDS

“Given the good features for both anti-malware

and manageability, and the global reach of
customers and support, ESET should be on the
shortlist for consideration in enterprise RFPs for
anti-malware solutions.”
KuppingerCole Leadership Compass
Enterprise Endpoint Security, Anti-Malware Solutions, 2018