Endpoint Security
Explore 73 curated tools and resources
Search by name, description, or purpose... (⌘+K)
PINNED
Promoted • 6 toolsCommercial
Data Protection
Commercial
Network Security
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
A managed security service providing comprehensive endpoint protection, XDR capabilities, and 24/7 managed detection and response across multiple platforms and environments.
A managed security service providing comprehensive endpoint protection, XDR capabilities, and 24/7 managed detection and response across multiple platforms and environments.
Endian Secure Digital Platform provides integrated cybersecurity solutions for IT and OT environments through management tools, security gateways, and endpoint connectivity components.
Endian Secure Digital Platform provides integrated cybersecurity solutions for IT and OT environments through management tools, security gateways, and endpoint connectivity components.
FortiSASE is a cloud-delivered SASE solution that combines SD-WAN with security service edge capabilities to provide secure access to web, cloud, and applications for hybrid workforces.
FortiSASE is a cloud-delivered SASE solution that combines SD-WAN with security service edge capabilities to provide secure access to web, cloud, and applications for hybrid workforces.
Venn creates secure enclaves on unmanaged BYOD devices using Blue Border™ technology to visually separate and encrypt work applications and data from personal use.
Venn creates secure enclaves on unmanaged BYOD devices using Blue Border™ technology to visually separate and encrypt work applications and data from personal use.
Warden is a zero-trust endpoint protection platform that uses kernel-level API virtualization and default-deny policies to prevent malware execution and unauthorized system operations on business endpoints.
Warden is a zero-trust endpoint protection platform that uses kernel-level API virtualization and default-deny policies to prevent malware execution and unauthorized system operations on business endpoints.
CyberArk is an identity security platform that secures human and machine identities through privileged access management, secrets management, and intelligent privilege controls across on-premises, hybrid, and cloud environments.
CyberArk is an identity security platform that secures human and machine identities through privileged access management, secrets management, and intelligent privilege controls across on-premises, hybrid, and cloud environments.
An enterprise cybersecurity platform that unifies endpoint, cloud, and identity security through an integrated data lake architecture with AI-powered analysis capabilities.
An enterprise cybersecurity platform that unifies endpoint, cloud, and identity security through an integrated data lake architecture with AI-powered analysis capabilities.
A security information and event management solution that collects, normalizes, and analyzes log data from across an organization's infrastructure to enhance threat detection and compliance reporting.
A security information and event management solution that collects, normalizes, and analyzes log data from across an organization's infrastructure to enhance threat detection and compliance reporting.
A GenAI-powered security platform that integrates endpoint, email, network, data, cloud, and security operations capabilities for comprehensive threat detection and response.
A GenAI-powered security platform that integrates endpoint, email, network, data, cloud, and security operations capabilities for comprehensive threat detection and response.
Todyl is a modular cybersecurity platform that consolidates SASE, SIEM, EDR/NGAV, MXDR, and GRC capabilities into a single-agent solution with centralized management.
Todyl is a modular cybersecurity platform that consolidates SASE, SIEM, EDR/NGAV, MXDR, and GRC capabilities into a single-agent solution with centralized management.
PAGO Networks delivers AI-powered managed security services including MDR, integrated EPP/EDR, dark web monitoring, Open XDR, and OT-oriented endpoint protection.
PAGO Networks delivers AI-powered managed security services including MDR, integrated EPP/EDR, dark web monitoring, Open XDR, and OT-oriented endpoint protection.
An enterprise resilience platform providing self-healing security solutions for endpoints, applications, and network access with firmware-embedded technology to ensure systems remain visible, connected, and protected.
An enterprise resilience platform providing self-healing security solutions for endpoints, applications, and network access with firmware-embedded technology to ensure systems remain visible, connected, and protected.
A security solution that monitors, detects, and responds to insider threats by providing visibility into user activities across endpoints, email, and cloud to prevent data loss from careless, compromised, or malicious insiders.
A security solution that monitors, detects, and responds to insider threats by providing visibility into user activities across endpoints, email, and cloud to prevent data loss from careless, compromised, or malicious insiders.
An endpoint data loss prevention solution that discovers, classifies, and protects sensitive data while controlling data transfer methods and mitigating insider threats.
An endpoint data loss prevention solution that discovers, classifies, and protects sensitive data while controlling data transfer methods and mitigating insider threats.
Wazuh is an open-source security platform offering unified XDR and SIEM protection for endpoints and cloud workloads, integrating various security functions into a single architecture.
Wazuh is an open-source security platform offering unified XDR and SIEM protection for endpoints and cloud workloads, integrating various security functions into a single architecture.
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
CrowdStrike Falcon Insight XDR is an AI-powered endpoint detection and response solution that provides comprehensive protection, visibility, and automated response capabilities.
CrowdStrike Falcon Insight XDR is an AI-powered endpoint detection and response solution that provides comprehensive protection, visibility, and automated response capabilities.
A software tool that enhances visibility and control over application activities on a user's computer, helping to identify and prevent potential security threats.
A software tool that enhances visibility and control over application activities on a user's computer, helping to identify and prevent potential security threats.
A Burp Suite extension that passively scans JavaScript files to discover endpoint links and potential attack surfaces in web applications.
A Burp Suite extension that passively scans JavaScript files to discover endpoint links and potential attack surfaces in web applications.
Microsoft Defender for Endpoint is a comprehensive endpoint security solution that provides industry-leading, multi-platform detection and response capabilities.
Microsoft Defender for Endpoint is a comprehensive endpoint security solution that provides industry-leading, multi-platform detection and response capabilities.
Powerfully simple endpoint security solution that takes down threats without interrupting business.
Powerfully simple endpoint security solution that takes down threats without interrupting business.
A Windows security hardening tool that disables potentially dangerous features in Windows 10/11 and common applications to reduce attack surface for individual users.
A Windows security hardening tool that disables potentially dangerous features in Windows 10/11 and common applications to reduce attack surface for individual users.
Comprehensive endpoint security solution providing proactive defenses, remediation tools, and centralized management to prevent threats and ensure uptime.
Comprehensive endpoint security solution providing proactive defenses, remediation tools, and centralized management to prevent threats and ensure uptime.
AMDH is a Python3 Android security tool that automates mobile device hardening through malware detection, privacy protection, CIS benchmark compliance, and application security analysis.
AMDH is a Python3 Android security tool that automates mobile device hardening through malware detection, privacy protection, CIS benchmark compliance, and application security analysis.
A bash-based anti-forensic script that monitors USB ports and triggers system shutdown when unauthorized devices are detected.
A bash-based anti-forensic script that monitors USB ports and triggers system shutdown when unauthorized devices are detected.
Deep Instinct is a predictive prevention platform that uses deep learning to prevent unknown threats, including ransomware and zero-day malware, from infiltrating storage environments, applications, and endpoints.
Deep Instinct is a predictive prevention platform that uses deep learning to prevent unknown threats, including ransomware and zero-day malware, from infiltrating storage environments, applications, and endpoints.
SharpAppLocker is a C# tool that retrieves AppLocker application control policies from Windows systems, replicating the Get-AppLockerPolicy PowerShell cmdlet functionality.
SharpAppLocker is a C# tool that retrieves AppLocker application control policies from Windows systems, replicating the Get-AppLockerPolicy PowerShell cmdlet functionality.
A lightweight malware detection and removal tool that provides real-time protection against complex attacks while preserving system resources.
A lightweight malware detection and removal tool that provides real-time protection against complex attacks while preserving system resources.
Intezer is a cloud-based malware analysis platform that detects and classifies malware using genetic code analysis.
Intezer is a cloud-based malware analysis platform that detects and classifies malware using genetic code analysis.
InvalidSign is a security research tool that bypasses endpoint solutions by obtaining valid signed files with different hashes to evade signature-based detection mechanisms.
InvalidSign is a security research tool that bypasses endpoint solutions by obtaining valid signed files with different hashes to evade signature-based detection mechanisms.
SentinelOne's Singularity Platform is an AI-powered enterprise security platform providing autonomous endpoint, cloud, identity, and data protection through its integrated XDR solution.
SentinelOne's Singularity Platform is an AI-powered enterprise security platform providing autonomous endpoint, cloud, identity, and data protection through its integrated XDR solution.
Easy-to-use live forensics toolbox for Linux endpoints with various capabilities such as process inspection, memory analysis, and YARA scanning.
Easy-to-use live forensics toolbox for Linux endpoints with various capabilities such as process inspection, memory analysis, and YARA scanning.
Comprehensive endpoint security solution for enterprise networks and SMBs
Comprehensive endpoint security solution for enterprise networks and SMBs
Ghost USB Honeypot emulates USB storage devices to detect and analyze malware that spreads via USB without requiring prior threat intelligence.
Ghost USB Honeypot emulates USB storage devices to detect and analyze malware that spreads via USB without requiring prior threat intelligence.
Santa is a macOS binary and file access authorization system that monitors executions and makes allow/block decisions based on local database rules.
Santa is a macOS binary and file access authorization system that monitors executions and makes allow/block decisions based on local database rules.
SharpEDRChecker scans system components to detect security products and tools.
SharpEDRChecker scans system components to detect security products and tools.
Emsisoft Enterprise Security + EDR provides robust and proven endpoint security for organizations of all sizes with layered protection and a cloud-based management console.
Emsisoft Enterprise Security + EDR provides robust and proven endpoint security for organizations of all sizes with layered protection and a cloud-based management console.
Utilizing SIEM, SOAR, and EDR technologies to enhance security operations with a focus on reducing incident response time.
Create and monitor fake HTTP endpoints automatically with Honeyku, deployable on Heroku or your own server.
Create and monitor fake HTTP endpoints automatically with Honeyku, deployable on Heroku or your own server.
FortiEDR is an automated endpoint security solution that integrates with the Fortinet Security Fabric and third-party solutions to reduce MTTR and provide real-time breach detection and response.
FortiEDR is an automated endpoint security solution that integrates with the Fortinet Security Fabric and third-party solutions to reduce MTTR and provide real-time breach detection and response.
A robust endpoint security solution that offers data security, network security, and advanced threat prevention, all managed from a single console to protect your devices and data.
A robust endpoint security solution that offers data security, network security, and advanced threat prevention, all managed from a single console to protect your devices and data.
PowerGRR is a PowerShell API client library that automates GRR (Google Rapid Response) operations for digital forensics and incident response across multiple operating systems.
PowerGRR is a PowerShell API client library that automates GRR (Google Rapid Response) operations for digital forensics and incident response across multiple operating systems.
Symantec Enterprise Cloud provides comprehensive cybersecurity for large enterprises, with a focus on data-centric hybrid security and innovation in threat and data protection.
Symantec Enterprise Cloud provides comprehensive cybersecurity for large enterprises, with a focus on data-centric hybrid security and innovation in threat and data protection.
Comprehensive endpoint protection platform providing unified visibility and security for cloud workloads, endpoints, and containers.
Comprehensive endpoint protection platform providing unified visibility and security for cloud workloads, endpoints, and containers.
GravityZone is a unified endpoint security and analytics platform that provides risk assessment, threat prevention, and incident response capabilities.
GravityZone is a unified endpoint security and analytics platform that provides risk assessment, threat prevention, and incident response capabilities.
A cross-platform security application that functions as a laptop kill cord, automatically locking or shutting down your computer when physically separated from you via a USB connection.
A cross-platform security application that functions as a laptop kill cord, automatically locking or shutting down your computer when physically separated from you via a USB connection.
Sophos Intercept X Endpoint is a comprehensive endpoint security solution that provides unparalleled protection against advanced attacks, ransomware, and data loss.
Sophos Intercept X Endpoint is a comprehensive endpoint security solution that provides unparalleled protection against advanced attacks, ransomware, and data loss.
A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts.
A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts.
Endpoint security solution for businesses with advanced threat protection and management
Endpoint security solution for businesses with advanced threat protection and management
OpenEDR is an open-source platform enhancing cybersecurity through real-time detection and analysis of cyber threats.
OpenEDR is an open-source platform enhancing cybersecurity through real-time detection and analysis of cyber threats.
Cisco Secure Endpoint is a cloud-native endpoint security solution that provides advanced protection and response to threats.
Cisco Secure Endpoint is a cloud-native endpoint security solution that provides advanced protection and response to threats.
A collection of PowerShell modules for artifact gathering and reconnaissance of Windows-based endpoints.
A collection of PowerShell modules for artifact gathering and reconnaissance of Windows-based endpoints.
A honeytoken-based tripwire for Microsoft's Active Directory to detect privilege escalation attempts
A honeytoken-based tripwire for Microsoft's Active Directory to detect privilege escalation attempts
A Windows-based workflow automation and case management application that integrates with CrowdStrike Falcon APIs to streamline security operations and incident response processes.
A Windows-based workflow automation and case management application that integrates with CrowdStrike Falcon APIs to streamline security operations and incident response processes.
An endpoint monitoring tool for Linux and macOS that reports file, socket, and process events to Zeek.
An endpoint monitoring tool for Linux and macOS that reports file, socket, and process events to Zeek.
Endpoint security platform using Moving Target Defense to prevent cyber attacks and provide adaptive exposure management and threat prevention.
Endpoint security platform using Moving Target Defense to prevent cyber attacks and provide adaptive exposure management and threat prevention.
Cortex XDR is a comprehensive endpoint security solution that blocks advanced attacks with behavioral threat protection, AI, and cloud-based analysis, and provides complete endpoint security and lightning-fast investigation and response.
Cortex XDR is a comprehensive endpoint security solution that blocks advanced attacks with behavioral threat protection, AI, and cloud-based analysis, and provides complete endpoint security and lightning-fast investigation and response.
Xcitium's unified zero-trust platform secures endpoints to cloud workloads using patented Zero Dwell technology, providing complete protection from ransomware and malware infections.
Xcitium's unified zero-trust platform secures endpoints to cloud workloads using patented Zero Dwell technology, providing complete protection from ransomware and malware infections.
Powershell Threat Hunting Module for scanning remote endpoints and collecting comprehensive information.
Powershell Threat Hunting Module for scanning remote endpoints and collecting comprehensive information.
AhnLab PLUS is a unified security platform providing comprehensive cybersecurity solutions for businesses.
AhnLab PLUS is a unified security platform providing comprehensive cybersecurity solutions for businesses.
A script that validates Group Policy Object audit settings required for proper Microsoft Defender for Endpoint functionality.
A script that validates Group Policy Object audit settings required for proper Microsoft Defender for Endpoint functionality.
A multi-platform open source tool for triaging suspect systems and hunting for Indicators of Compromise (IOCs) across thousands of endpoints.
A multi-platform open source tool for triaging suspect systems and hunting for Indicators of Compromise (IOCs) across thousands of endpoints.
Comprehensive endpoint protection solution providing advanced threat detection, proactive defense, and efficient management.
Comprehensive endpoint protection solution providing advanced threat detection, proactive defense, and efficient management.
A free endpoint security tool for host investigative capabilities to find signs of malicious activity through memory and file analysis.
A free endpoint security tool for host investigative capabilities to find signs of malicious activity through memory and file analysis.
YARA-Endpoint is a client-server architecture tool that can be used for endpoint protection and incident response.
YARA-Endpoint is a client-server architecture tool that can be used for endpoint protection and incident response.
A process scanning tool that detects and dumps malicious implants, shellcodes, hooks, and memory patches in running processes.
A process scanning tool that detects and dumps malicious implants, shellcodes, hooks, and memory patches in running processes.
NECOMA focuses on data collection, threat analysis, and developing new cyberdefense mechanisms to protect infrastructure and endpoints.
NECOMA focuses on data collection, threat analysis, and developing new cyberdefense mechanisms to protect infrastructure and endpoints.
Do Not Disturb is a free open-source macOS security tool that detects unauthorized physical access to laptops.
Do Not Disturb is a free open-source macOS security tool that detects unauthorized physical access to laptops.
Firejail is a Linux sandbox program that isolates untrusted applications using kernel namespaces, seccomp-bpf, and capabilities to reduce security breach risks.
Firejail is a Linux sandbox program that isolates untrusted applications using kernel namespaces, seccomp-bpf, and capabilities to reduce security breach risks.
Absolute Security provides a comprehensive cybersecurity platform that offers endpoint-to-network access coverage, automated security compliance, and secure endpoint and access solutions.
Absolute Security provides a comprehensive cybersecurity platform that offers endpoint-to-network access coverage, automated security compliance, and secure endpoint and access solutions.
The Trystero Project is a threat intelligence platform that measures email security efficacy and provides various tools and resources, while VMware Carbon Black offers endpoint protection and workload security solutions.
The Trystero Project is a threat intelligence platform that measures email security efficacy and provides various tools and resources, while VMware Carbon Black offers endpoint protection and workload security solutions.
A repository containing scripts and configuration files to help administrators implement Microsoft AppLocker for application whitelisting based on NSA security guidelines.
A repository containing scripts and configuration files to help administrators implement Microsoft AppLocker for application whitelisting based on NSA security guidelines.
Fleet is an open-source endpoint management platform that provides device management, vulnerability reporting, and security monitoring capabilities for IT and security teams managing large computer environments.
Fleet is an open-source endpoint management platform that provides device management, vulnerability reporting, and security monitoring capabilities for IT and security teams managing large computer environments.
