Panda Adaptive Defense 360

When it comes to internet security, most organisations if given the option, would like to stick to the old adage: prevention is better than cure. But that isn’t always possible given the permeable nature of the environment a majority of the organisations operate under these days and the increased sophistication of the attacks. 

Panda has a series of enterprise protection products to shield organisations from the constant onslaught. The crown-jewel in their product portfolio is Adaptive Defense 360 (AD360) that makes good use of the latest buzzword-compliant technologies (read: big data and AI) in its bid to outsmart the attackers with just the right amount of endpoint protection features.

Features  

endpoint protection platform (EPP) suite that includes a host of other features, most notably endpoint detection and response (EDR) and patch management. You can use it to block malicious apps as well as filter web content, manage patches, and more. 

Another AD360 feature that it’s particularly proud of is the 100% attestation service, which only allows apps certified by Panda to run. Behind the curtains, it evaluates 10,000 different attributes for each executable, to classify it as either good or bad. Also of note is the threat hunting service that Panda claims can detect attacks that don’t use known malware signatures and more importantly, even thwart malicious actions of insiders.

All said and done, AD360 protects against a wide range of threats including known and unknown zero-day malware, fileless malware, ransomware, advanced persistent threats (APTs), phishing attacks, potentially unwanted programs (PUPs), and can also thwart any malicious in-memory exploits.

While most users will be happy with its default mode of operation, the platform is flexible enough to make way for exceptions. If you know what you’re doing, you can allow the execution of an item that has been flagged as a threat.

All of its functionality is exposed via a remote cloud interface, which makes installation a non-issue and management fairly straightforward. The platform offers a detailed look into the endpoints, and also offers detailed forensic information to all malicious activities.

There are several optional add-on services as well including a patch management service that’ll keep its eyes peeled for any patches for Windows and all third-party apps.

Interface and use

One of the best features of AD360 is its cloud-based management interface. It’s logically arranged and exposes lots of functionality, without intimidating first time users. 

The interface brings up the Status menu that gives you an overview of the entire network. Most of its visualizations are clickable and will help you further drill down into particular areas to get more details. The State menu has several dashboards, each of which monitors a specific area of the platform. 

For instance, the Security dashboard gives you the security status of your network. Then there’s the Web access and spam dashboard that you can use to analyse web traffic as well as email on your Microsoft Exchange servers. You’ll have others if you’ve subscribed to other AD360 services like Patch Management, though our main focus is on the Security dashboard.

The Security dashboard has several widgets that each keep track of different aspects of the network. The information in the panels is generated in near-real time and most of the widgets can be clicked through to display more detailed information. 

The first step however is to switch to the Computers menu to add new endpoints. You can use the interface to download or email download links to Windows, macOS, Linux or Android agents. One of the good things about the process is that once you have installed the agent on a Windows computer, it will automatically discover other computers on the same subnet and you can then install the agent on these machines remotely from the administration interface.