In the event of infection, administrators must be able to act on two fronts: quickly restore affected computers to their original state, and assess the impact of the infection, that is, find out whether there was a data leak, the extent of the attack, which computers were compromised, etc. The Remediation and Response phase provides tools for these two scenarios.
Adaptive Defense 360 provides several remediation tools, some manual and some automatic.
The automatic tools include the traditional disinfection module typical of antivirus solutions, along with the quarantine used to store suspicious or deleted items.
In the case of infections caused by advanced malware or very complex disinfections, administrators can use Cloud Cleaner, a standalone disinfection tool developed by Panda Security, from the administration console.
They can also use remote desktop tools to connect to other computers and troubleshoot issues caused by malware.
Administrators have a forensic analysis tool that displays every action taken by malware, including the infection vector (the way the malware entered the network), information about any attempt to spread to other computers or access the user's hard disk to steal confidential information, and any connections made to external computers.
Additionally, the Logtrust accumulated knowledge server stores every action taken by the processes run by users. This makes it possible to extend the functionality of the forensic analysis module and perform advanced searches to generate activity graphs that aid data analysis and interpretation.