Download OESIS Endpoint Assessment Tool
After the Detection Module detects installed applications on endpoint devices, the Compliance Module enables governance of these applications. APIs provided by the Compliance Module enable solutions developed using these APIS to check, and in many cases, remediate application specific settings.
APIs for managing different types of applications are categorized into common and advanced methods. Common functions like start and terminate application are supported for all application types. Advanced functions supported depend on the type of application.
Below are some of the features supported for several of the application types. A full set of APIs supported for different application types are detailed in the API documentation.
The APIs supported for anti-malware applications include checking and updating malware definitions, launching a full system scan, turning real-time protection on or off and more. These APIs can be used to verify that an antimalware solution has the optimal configurations to reduce threats to an endpoint, and to remediate misconfigured antimalware settings.
The Browser APIs allow checks for whether the antiphishing setting is enabled on all major or specific browsers. Phishing sites remain a very common vector for serious infections, especially with Trojans that have the potential to compromise your entire network. APIs to delete bookmarks, check validity of certificates and delete the cache are supported as well.
The APIs for firewalls enable a check for whether the firewall is enabled as well as whether any custom rules that may be mandated by your organization's policies are being followed (such as disallowing P2P or network gaming ports and protocols). Files downloaded from P2P networks are very often infected with Trojans or viruses.
Hard Disk Encryption
The Compliance Module exposes APIs to detect the hard disk encryption software on a device and report what portions of the disk are encrypted. Ensuring that sensitive data is not leaked, especially when the endpoint is lost or stolen. This is a patented method to detect and report the encryption state of any physical disk by retrieving settings and status of the 3rd party applications.
Query installed patch management clients to detect and report the device patch level with detailed severity information for compliance purposes. Additionally, the Compliance module exposes APIs to fetch and install missing operating system patches.
The Backup APIs identify the storage location for both cloud and on-premises backup solutions. Additionally, these APIs report last back up times (which indicates the degree to which the identified Backup solution is actively being used) and also the media type (e.g., network volume, CD-ROM, etc.) to which data is being copied.