SMIT PAREKH, profile picture
Uploaded bySMIT PAREKH
PPTX, PDF1,688 views

EDR(End Point Detection And Response).pptx

This document describes an EDR (Endpoint Detection and Response) system implementation project for Invinsense. The system was developed using technologies like React JS, C language, Python REST API, Docker, Kubernetes, and deployed on both Windows and Linux agents. It provides features like agent monitoring, antivirus scanning, log collection and analysis. Screenshots show interfaces for login, agent details, scanning, dashboards, reports. Future enhancements proposed include SSO, AI/ML, Mac OS agent, Ansible deployment.

Embed presentation

Downloaded 23 times
MCA (Master of Computer Application) Department Faculty of Management & Information Sciences Dharmsinh Desai University, Nadiad Internal Guide Dr. Narayan Joshi Professor & Head, Department of MCA, Dharmsinh Desai University, Nadiad. External Guide Mr. Sunny Rajwadi Head Technology, Infopercept Consulting Pvt Ltd, Ahmedabad. Presented by • Panchal Anuj Shantibhai [MA032] • Parekh Smit Nitinkumar [MA034] • Tank Sandip Pravinbhai [MA050] EDR (Endpoint Detection And Response) Implementation in Invinsense
Agenda ✔Project Definition ✔Challenges ✔Project Profile ✔Functionalities/Features ✔System Design ✔Screenshots of the System ✔System Reports ✔Future Enhancement ✔Bibliography 2
Project Definition EDR is the asset tracking module for the management, monitor IT organization assets like system Server. Whenever security threats found, agent send alerts to the administrator and administrator also keep remotely monitoring their assets. 3
Challenges ✔ Understanding client and server communication on the private network using C language. ✔ Understanding secured communication between client and server. ✔ Create custom active-response in EDR. ✔ Decoding different type of logs with different OS. ✔ Graph generation. ✔ Real-time dashboard. ✔ Scalability. 4
Project Profile Project Title EDR Implementation in Invinsense Aim of Project EDR (Endpoint Detection and Response) Front End React JS Back End C Language, Python REST API Tools CLION, Docker, Kubernetes Methodology OOAD Database EDR Indexer Internal Guide Dr. Narayan Joshi External Guide Mr. Sunny Rajwadi Developed By Panchal Anuj Shantibhai [MA032] Parekh Smit Nitinkumar [MA034] Tank Sandip Pravinbhai [MA050] Duration 6th December 2022 to 12th April 2023 5
Hardware/Software Requirements For Development EDR server requirements ✔ Hardware requirements: • Operating system: Ubuntu 22.04 or other Linux base system/Windows System • CPU: 8 cores minimum • RAM: 8 GB minimum • Storage: 50 GB minimum ✔ Software requirements: • Vs Code, Python 3.8 or Above EDR agent requirements ✔ Hardware requirements: • Operating system: Windows and Linux • CPU: 4 core • RAM: 8 GB RAM • Storage: 25 GB HDD ✔ Software requirements: • CLion • GCC (For Linux)/Mingw (For Windows) 6
Hardware/Software Requirements For Deployment EDR server requirements ✔ Hardware requirements: • Operating system: Ubuntu 20.04 or other Linux base system • CPU: 2 cores minimum • RAM: 4 GB minimum (8 GB recommended) • Storage: 20 GB minimum (SSD recommended) ✔ Software requirements: Java 11 or later EDR agent requirements ✔ Hardware requirements: • Operating system: Windows and Linux • CPU: 1 core • RAM: 256 MB minimum • Storage: 100 MB minimum ✔ Software requirements: • For windows: .NET Framework 4.5 or later • For linux: Python 2.7 or later 7
Functionalities/Features • EDR plugin : ✔ Login ✔ Agent information ✔ OS information ✔ Network information ✔ Application information ✔ Hardware / Software information ✔ On-demand antivirus scan and generate alert on dashboard ✔ Add new agent (For linux and windows both) ✔ View system logs ✔ Deployment ✔ EDR deployment in docker ✔ EDR deployment in kubernetes 8
System Design ✔ Use case diagram ✔ EDR system ✔ Monitor auditing and policy usecase ✔ K8s deployment usecase ✔ Activity diagram ✔ On-demand antivirus scan process ✔ Sequence diagram ✔ Login ✔ View all agent details ✔ Change password ✔ Add new agent ✔ View system log ✔ View system inventory data ✔ Remove agent ✔ Search and filter agent ✔ On-demand antivirus scan ✔ Visualize security events and logs ✔ Analyze vulnerabilities 9
EDR Agent on Windows Manage Agent Screenshots 10
Dashboard Login Page 11
Antivirus Scan Screen 12
EDR Server Communication 13
EDR Server 14
Add New Agent EDR Agent Information 15
Log Information 16
Chart Generation 17
Security Events 18
Log Data Analysis 19
Regulatory-Compliance Dashboard 20
System Reports 21
Kubernetes Workspace Login Page 22
Application Pods Cluster Usage 23
Future Enhancement ✔ SSO implementation with KeyCloak. ✔ Implementation of AI and ML. ✔ Agent Implementation for Mac OS. ✔ Deployment of EDR using Ansible. Bibliography ✔ Docker: o https://docs.docker.com/ o https://docs.docker.com/get-started/ o https://docs.docker.com/get-docker/ o https://docs.docker.com/get-started/overview/ o https://docs.docker.com/desktop/ ✔ Kubernetes: o https://kubernetes.io/docs/home/ o https://kubernetes.io/training/ o https://www.edx.org/course/introduction-to- kubernetes ✔ React JS: o https://react.dev/learn o https://react.dev/reference/react o https://react.dev/community ✔ Python REST API: o https://documentation.wazuh.com/current/user- manual/api/examples.html 24
Thank you 25

More Related Content

PDF
Cisco Security Presentation
bySimplex
 
PDF
Cybersecurity Roadmap for Beginners
bySanjeev Kumar Jaiswal
 
PPTX
102 Information security standards and specifications
bySsendiSamuel
 
PPTX
What is network detection and response?
byVehere
 
PDF
Hard Truths your CISO won’t tell you.pdf
byTravisMcPeak1
 
PPTX
Cybersecurity Threats in Financial Services Protection.pptx
byLumiverse Solutions Pvt Ltd
 
PDF
Setting up CSIRT
byAPNIC
 
PPTX
Identity Management
byVenkatesh Jambulingam
 
Cisco Security Presentation
bySimplex
 
Cybersecurity Roadmap for Beginners
bySanjeev Kumar Jaiswal
 
102 Information security standards and specifications
bySsendiSamuel
 
What is network detection and response?
byVehere
 
Hard Truths your CISO won’t tell you.pdf
byTravisMcPeak1
 
Cybersecurity Threats in Financial Services Protection.pptx
byLumiverse Solutions Pvt Ltd
 
Setting up CSIRT
byAPNIC
 
Identity Management
byVenkatesh Jambulingam
 

What's hot

PPTX
Security Information and Event Management (SIEM)
byk33a
 
PPTX
Security operation center (SOC)
byAhmed Ayman
 
PPTX
Azure Sentinel.pptx
byMohit Chhabra
 
PPTX
Threat Hunting - Moving from the ad hoc to the formal
byPriyanka Aash
 
PPTX
Endpoint Protection
bySophos
 
PPSX
Next-Gen security operation center
byMuhammad Sahputra
 
PDF
From SIEM to SOC: Crossing the Cybersecurity Chasm
byPriyanka Aash
 
PDF
Introduction to MITRE ATT&CK
byArpan Raval
 
PPTX
Security of IOT,OT And IT.pptx
byMohanPandey31
 
PDF
Endpoint Detection & Response - FireEye
byPrime Infoserv
 
PPTX
Security Information and Event Management (SIEM)
byhardik soni
 
PPTX
An introduction to SOC (Security Operation Center)
byAhmad Haghighi
 
PDF
Microsoft Azure Sentinel
byBGA Cyber Security
 
PPTX
Siem ppt
bykmehul
 
PDF
Introduction to Azure Sentinel
byarnaudlh
 
PPTX
Zero Trust
byBoaz Shunami
 
PDF
Enterprise Security Architecture for Cyber Security
byThe Open Group SA
 
PPTX
Fortinet sandboxing
byNick Straughan
 
PPTX
Cloud security and security architecture
byVladimir Jirasek
 
PPT
Fortinet FortiOS 5 Presentation
byNCS Computech Ltd.
 
Security Information and Event Management (SIEM)
byk33a
 
Security operation center (SOC)
byAhmed Ayman
 
Azure Sentinel.pptx
byMohit Chhabra
 
Threat Hunting - Moving from the ad hoc to the formal
byPriyanka Aash
 
Endpoint Protection
bySophos
 
Next-Gen security operation center
byMuhammad Sahputra
 
From SIEM to SOC: Crossing the Cybersecurity Chasm
byPriyanka Aash
 
Introduction to MITRE ATT&CK
byArpan Raval
 
Security of IOT,OT And IT.pptx
byMohanPandey31
 
Endpoint Detection & Response - FireEye
byPrime Infoserv
 
Security Information and Event Management (SIEM)
byhardik soni
 
An introduction to SOC (Security Operation Center)
byAhmad Haghighi
 
Microsoft Azure Sentinel
byBGA Cyber Security
 
Siem ppt
bykmehul
 
Introduction to Azure Sentinel
byarnaudlh
 
Zero Trust
byBoaz Shunami
 
Enterprise Security Architecture for Cyber Security
byThe Open Group SA
 
Fortinet sandboxing
byNick Straughan
 
Cloud security and security architecture
byVladimir Jirasek
 
Fortinet FortiOS 5 Presentation
byNCS Computech Ltd.
 

Similar to EDR(End Point Detection And Response).pptx

PPTX
panw-cortex-xdr-customer-presentation.pptx
byduyanhNguyen70
 
PPTX
Critical Capabilities for MDR Services - What to Know Before You Buy
byFidelis Cybersecurity
 
PPTX
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
byIftikhar Ali Iqbal
 
PDF
7 Experts on Implementing Microsoft Defender for Endpoint
byMighty Guides, Inc.
 
PDF
Endpoint Protection Comparison.pdf
byEng. Ala' Zayadeen- MBA,CEH,ISO Lead Implementer, MCP
 
PPTX
Kaspersky Next EDR Foundations Presentation PARTNER ONLY 0925 EN.pptx
byrehan1998shaik
 
PDF
endpoint-detection-and-response-datasheet.pdf
byOlufemi37
 
PDF
cb-EDR-V7_a4_Digital
byOscar Williams
 
PPTX
Understanding Endpoint Detection and Response (EDR)
byvarnika2764
 
PPTX
EDR vs XDR Understanding the Key Differences and Choosing the Right Solution....
byjamesdas270
 
PDF
The Future of Endpoint Detection and Response (EDR) Trends to Watch
byESDS Software Solution Limited
 
PDF
Managed Detection anManaged Detection and Responsed
byitindfw11
 
PDF
Strengthen Endpoint Security with Seqrite EDR
bySEQRITE
 
PPTX
What endpoint protection solutions are available on the market today?
byDavid Strom
 
PDF
Managed End Point security
byMechsoft Technologies LLC
 
PDF
The Importance of EDR Security in Modern Cyber Defense
bySEQRITE
 
PPT
Dynamic Server Provisioning With Ops Manager And Hyper V – Notes From The Field
byAmit Gatenyo
 
PDF
How endpoint security works
bySilver Touch Technologies Limited
 
PDF
EDR, ETDR, Next Gen AV is all the rage, so why am I ENRAGED?
byMichael Gough
 
PDF
DEF CON 27 - workshop - RICHARD GOLD - mind the gap
byFelipe Prado
 
panw-cortex-xdr-customer-presentation.pptx
byduyanhNguyen70
 
Critical Capabilities for MDR Services - What to Know Before You Buy
byFidelis Cybersecurity
 
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
byIftikhar Ali Iqbal
 
7 Experts on Implementing Microsoft Defender for Endpoint
byMighty Guides, Inc.
 
Endpoint Protection Comparison.pdf
byEng. Ala' Zayadeen- MBA,CEH,ISO Lead Implementer, MCP
 
Kaspersky Next EDR Foundations Presentation PARTNER ONLY 0925 EN.pptx
byrehan1998shaik
 
endpoint-detection-and-response-datasheet.pdf
byOlufemi37
 
cb-EDR-V7_a4_Digital
byOscar Williams
 
Understanding Endpoint Detection and Response (EDR)
byvarnika2764
 
EDR vs XDR Understanding the Key Differences and Choosing the Right Solution....
byjamesdas270
 
The Future of Endpoint Detection and Response (EDR) Trends to Watch
byESDS Software Solution Limited
 
Managed Detection anManaged Detection and Responsed
byitindfw11
 
Strengthen Endpoint Security with Seqrite EDR
bySEQRITE
 
What endpoint protection solutions are available on the market today?
byDavid Strom
 
Managed End Point security
byMechsoft Technologies LLC
 
The Importance of EDR Security in Modern Cyber Defense
bySEQRITE
 
Dynamic Server Provisioning With Ops Manager And Hyper V – Notes From The Field
byAmit Gatenyo
 
How endpoint security works
bySilver Touch Technologies Limited
 
EDR, ETDR, Next Gen AV is all the rage, so why am I ENRAGED?
byMichael Gough
 
DEF CON 27 - workshop - RICHARD GOLD - mind the gap
byFelipe Prado
 

More from SMIT PAREKH

PPTX
Virtualization And Containerization.pptx
bySMIT PAREKH
 
PPTX
Visa immigration for canada final 2020 21
bySMIT PAREKH
 
PPTX
Entropy
bySMIT PAREKH
 
PPTX
Green house effect
bySMIT PAREKH
 
PPTX
Pollution
bySMIT PAREKH
 
PPTX
Pollution
bySMIT PAREKH
 
PPTX
Final by smit parekh
bySMIT PAREKH
 
PPTX
Innovation and you
bySMIT PAREKH
 
Virtualization And Containerization.pptx
bySMIT PAREKH
 
Visa immigration for canada final 2020 21
bySMIT PAREKH
 
Entropy
bySMIT PAREKH
 
Green house effect
bySMIT PAREKH
 
Pollution
bySMIT PAREKH
 
Pollution
bySMIT PAREKH
 
Final by smit parekh
bySMIT PAREKH
 
Innovation and you
bySMIT PAREKH
 

Recently uploaded

PDF
reStartEvents January 22nd TS:SCI & Above Employer Directory.pdf
byKen Fuller
 
PDF
Forensic-Accounting-Interview-Questions-and-Answers.pdf/CA Tushar Makkar
byCA Tushar Makkar
 
PPTX
Advanced LinkedIn Strategies January 2026
byBruce Bennett
 
PPTX
Individual_Development_Plan_-_Guide_and_Template.pptx
byAUBREYSINGANYAMA1
 
PDF
Explore the Top Platforms for Purchasing Verified PayPal Accounts.pdf
byNew PvaIT
 
PDF
BCG Attorney Search's The Five Most Important Questions to Ask
byBCG Attorney Search
 
PPT
Hanry Fayol.pptJBJHFIDHEIRHFIHREHIFHREIFHIOREHIFOH
byprachi0rawat
 
PPTX
Week_15-_Workshop__Collecting_and_analysing_qualitative_data__1_.pptx
byisaiahwanjala01
 
PDF
Mission 100 Kit Structure Of Atoms888888888888888888888888
byabhaysaini12558
 
PDF
Qualification n Membership Rajesh Prasad.pdf
byRajesh Prasad
 
PPTX
CareerOptionsAfterHSCCommerceMumbaiNEP2020pptx.pptx
byABDUL RASHEED MOHAMMED MOGHEES
 
DOCX
OBE-Syllabus in HMPE 7 Catering MNGT. 2023-2024.docx
byDonaly Erestingcol
 
PPTX
How to Study At CLC Sikar - Best NEET coaching
byCLC Sikar
 
PPTX
Tunnel diode 15 sep.pptxjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj
byarunkpatel20
 
PDF
Top 10 Home and Online Tutoring Platforms in Karnataka for Teachers.pdf
byDigital Marketing Services India
 
PPTX
ATLS TRAUMA ATLS trauma by Dr.ammar.pptx
bydrpakinamnegmeldin
 
PDF
Top 10 Home and Online Tutoring Platforms in Telangana for Teachers.pdf
byDigital Marketing Services India
 
PPTX
THE REGISTRATION ACT, 1908.pptx updated version
byjasmendrasingh2011
 
PPTX
Formatting _textformatting_varioustypes.pptx
bysharmaridhi1510
 
PPTX
9-Breakeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaven-Point.pptx
bydominicdaltoncaling2
 
reStartEvents January 22nd TS:SCI & Above Employer Directory.pdf
byKen Fuller
 
Forensic-Accounting-Interview-Questions-and-Answers.pdf/CA Tushar Makkar
byCA Tushar Makkar
 
Advanced LinkedIn Strategies January 2026
byBruce Bennett
 
Individual_Development_Plan_-_Guide_and_Template.pptx
byAUBREYSINGANYAMA1
 
Explore the Top Platforms for Purchasing Verified PayPal Accounts.pdf
byNew PvaIT
 
BCG Attorney Search's The Five Most Important Questions to Ask
byBCG Attorney Search
 
Hanry Fayol.pptJBJHFIDHEIRHFIHREHIFHREIFHIOREHIFOH
byprachi0rawat
 
Week_15-_Workshop__Collecting_and_analysing_qualitative_data__1_.pptx
byisaiahwanjala01
 
Mission 100 Kit Structure Of Atoms888888888888888888888888
byabhaysaini12558
 
Qualification n Membership Rajesh Prasad.pdf
byRajesh Prasad
 
CareerOptionsAfterHSCCommerceMumbaiNEP2020pptx.pptx
byABDUL RASHEED MOHAMMED MOGHEES
 
OBE-Syllabus in HMPE 7 Catering MNGT. 2023-2024.docx
byDonaly Erestingcol
 
How to Study At CLC Sikar - Best NEET coaching
byCLC Sikar
 
Tunnel diode 15 sep.pptxjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj
byarunkpatel20
 
Top 10 Home and Online Tutoring Platforms in Karnataka for Teachers.pdf
byDigital Marketing Services India
 
ATLS TRAUMA ATLS trauma by Dr.ammar.pptx
bydrpakinamnegmeldin
 
Top 10 Home and Online Tutoring Platforms in Telangana for Teachers.pdf
byDigital Marketing Services India
 
THE REGISTRATION ACT, 1908.pptx updated version
byjasmendrasingh2011
 
Formatting _textformatting_varioustypes.pptx
bysharmaridhi1510
 
9-Breakeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaven-Point.pptx
bydominicdaltoncaling2
 

EDR(End Point Detection And Response).pptx

  • 1.
    MCA (Master ofComputer Application) Department Faculty of Management & Information Sciences Dharmsinh Desai University, Nadiad Internal Guide Dr. Narayan Joshi Professor & Head, Department of MCA, Dharmsinh Desai University, Nadiad. External Guide Mr. Sunny Rajwadi Head Technology, Infopercept Consulting Pvt Ltd, Ahmedabad. Presented by • Panchal Anuj Shantibhai [MA032] • Parekh Smit Nitinkumar [MA034] • Tank Sandip Pravinbhai [MA050] EDR (Endpoint Detection And Response) Implementation in Invinsense
  • 2.
    Agenda ✔Project Definition ✔Challenges ✔Project Profile ✔Functionalities/Features ✔SystemDesign ✔Screenshots of the System ✔System Reports ✔Future Enhancement ✔Bibliography 2
  • 3.
    Project Definition EDR isthe asset tracking module for the management, monitor IT organization assets like system Server. Whenever security threats found, agent send alerts to the administrator and administrator also keep remotely monitoring their assets. 3
  • 4.
    Challenges ✔ Understanding clientand server communication on the private network using C language. ✔ Understanding secured communication between client and server. ✔ Create custom active-response in EDR. ✔ Decoding different type of logs with different OS. ✔ Graph generation. ✔ Real-time dashboard. ✔ Scalability. 4
  • 5.
    Project Profile Project TitleEDR Implementation in Invinsense Aim of Project EDR (Endpoint Detection and Response) Front End React JS Back End C Language, Python REST API Tools CLION, Docker, Kubernetes Methodology OOAD Database EDR Indexer Internal Guide Dr. Narayan Joshi External Guide Mr. Sunny Rajwadi Developed By Panchal Anuj Shantibhai [MA032] Parekh Smit Nitinkumar [MA034] Tank Sandip Pravinbhai [MA050] Duration 6th December 2022 to 12th April 2023 5
  • 6.
    Hardware/Software Requirements For Development EDRserver requirements ✔ Hardware requirements: • Operating system: Ubuntu 22.04 or other Linux base system/Windows System • CPU: 8 cores minimum • RAM: 8 GB minimum • Storage: 50 GB minimum ✔ Software requirements: • Vs Code, Python 3.8 or Above EDR agent requirements ✔ Hardware requirements: • Operating system: Windows and Linux • CPU: 4 core • RAM: 8 GB RAM • Storage: 25 GB HDD ✔ Software requirements: • CLion • GCC (For Linux)/Mingw (For Windows) 6
  • 7.
    Hardware/Software Requirements For Deployment EDRserver requirements ✔ Hardware requirements: • Operating system: Ubuntu 20.04 or other Linux base system • CPU: 2 cores minimum • RAM: 4 GB minimum (8 GB recommended) • Storage: 20 GB minimum (SSD recommended) ✔ Software requirements: Java 11 or later EDR agent requirements ✔ Hardware requirements: • Operating system: Windows and Linux • CPU: 1 core • RAM: 256 MB minimum • Storage: 100 MB minimum ✔ Software requirements: • For windows: .NET Framework 4.5 or later • For linux: Python 2.7 or later 7
  • 8.
    Functionalities/Features • EDR plugin: ✔ Login ✔ Agent information ✔ OS information ✔ Network information ✔ Application information ✔ Hardware / Software information ✔ On-demand antivirus scan and generate alert on dashboard ✔ Add new agent (For linux and windows both) ✔ View system logs ✔ Deployment ✔ EDR deployment in docker ✔ EDR deployment in kubernetes 8
  • 9.
    System Design ✔ Usecase diagram ✔ EDR system ✔ Monitor auditing and policy usecase ✔ K8s deployment usecase ✔ Activity diagram ✔ On-demand antivirus scan process ✔ Sequence diagram ✔ Login ✔ View all agent details ✔ Change password ✔ Add new agent ✔ View system log ✔ View system inventory data ✔ Remove agent ✔ Search and filter agent ✔ On-demand antivirus scan ✔ Visualize security events and logs ✔ Analyze vulnerabilities 9
  • 10.
    EDR Agent onWindows Manage Agent Screenshots 10
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
    Add New Agent EDRAgent Information 15
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
    Future Enhancement ✔ SSOimplementation with KeyCloak. ✔ Implementation of AI and ML. ✔ Agent Implementation for Mac OS. ✔ Deployment of EDR using Ansible. Bibliography ✔ Docker: o https://docs.docker.com/ o https://docs.docker.com/get-started/ o https://docs.docker.com/get-docker/ o https://docs.docker.com/get-started/overview/ o https://docs.docker.com/desktop/ ✔ Kubernetes: o https://kubernetes.io/docs/home/ o https://kubernetes.io/training/ o https://www.edx.org/course/introduction-to- kubernetes ✔ React JS: o https://react.dev/learn o https://react.dev/reference/react o https://react.dev/community ✔ Python REST API: o https://documentation.wazuh.com/current/user- manual/api/examples.html 24
  • 25.