ACSIA XDR Plus Feature Comparison
ACSIA XDR Plus™ is a feature-rich cybersecurity application. The table below gives details on all the features in our base product. There are no extra costs for modules, add-ons, features, or reports.
| Type of feature | Included in ACSIA™? | Feature detail |
|---|---|---|
| Does the product contain an EDR? | ✔ | Endpoint Detection and Response provides an integrated endpoint security solution for each device being protected, that combines real-time continuous monitoring and collection of data with rules-based analysis and automated remediation capabilities. |
| Does the product contain an IDS? | ✔ | An Intrusion Detection System is a device or software application that monitors a network or systems for malicious activity or policy violations. |
| Does the product contain an IPS? | ✔ | An intrusion prevention system is a form of network security that works to detect and prevent identified threats. Intrusion prevention systems continuously monitor your network, looking for possible malicious incidents and capturing information about them. ACSIA comes with real time IPS functionality and automates the blocking of external threats. |
| Does the product contain an SIEM? | ✔ | A Security Information and Event Management System gathers events from all sources across the network, provides timeline and historical data and is used for event correllation purposes in advanced solutions like ACSIA |
| Does the product contain Real time pre-emptive anti-survellience technology? | ✔ | As solution which incorporates anti-survelliance technologies prevents cybercriminals from gathering the required information use when planning a cyberattack. This pre-emptive cyberdefence capability massively reduces the threat levels of a cyberattack to your business. |
| Does the product provide Windows protection? | ✔ | Many customers have both Windows and Linux deployments in their infrastructure and a comprehenisive cyberdefence strategy should protect both technologies in a similar manner. |
| Does the product provide Linux Protection? | ✔ | Many customers have both Windows and Linux deployments in their infrastructure and a comprehenisive cyberdefence strategy should protect both technologies in a similar manner. |
| Is the product compatible with Physical and Virtual server deployment? | ✔ | The majority of customers have physical and/or virtual environments in their infrastructure which must be protected. |
| Is the product compatible with all major container and cloud deployment types? | ✔ | Containerization eliminates this problem by bundling the application code together with the related configuration files, libraries, and dependencies required for it to run. This single package of software or “container” is abstracted away from the host operating system, and hence, it stands alone and becomes portable—able to run across any platform or cloud, free of issues. Containerization has become a major trend in software development as an alternative or companion to virtualization and ACSIA fully supports all major container formats. |
| Is the product built using Opensource Tools? | ✔ | Opensource tools evolve significantly faster than proprietary alternatives and opensource now dominates the technology sector. The best method to combat the rapidly changing cyber threat landscape is to use a platform like ACSIA that uses the the most advanced opensource cyberdefence tools. The use of an opensource solution removes a lot of proprietary lock-in and expensive proprietary tool selection used in these products. |
| Does the product include Artificial Intelligance (AI)? | ✔ | Most cybersecurity vendors use a combination of AI/ML for detecting anomolous activities which may be related to security events and automating a response to them. Unfortunately this is a highly innacurate method to detect exclusively security related incidents when network traffic is encrypted, and these products generate massive volumes of false positives. ACSIA uses AI/ML for orchestration and automation after our core algorithms and pattern detection have detected a security event before using AI/MLto determine the most appropriate automated remediation action. |
| Does the product include Machine Learning (ML)? | ✔ | Most cybersecurity vendors use a combination of AI/ML for detecting anomolous activities which may be related to security events and automating a response to them. Unfortunately this is a highly innacurate method to detect exclusively security related incidents when network traffic is encrypted, and these products generate massive volumes of false positives. ACSIA uses AI/ML for orchestration and automation after our core algorithms and pattern detection have detected a security event before using AI/MLto determine the most appropriate automated remediation action. |
| Does the product offer an Agent and Agentless option to monitor Clients and perform internal logs analysis? | ✔ | ‘Client Agents’ are small programs which are required to be installed across all devices being monitored in an environent and may require occasional updates which can add operation overhead but increased functionality |
| Does the product provide Malware protection? | ✔ | Malware protection checks internal processes and activity at Kernel or Registery level for suspicious and anomalous behaviour |
| Does the product supress false positive security alerts? | ✔ | Most cybersecurity products that focus on external threats are monitoring encrypted network traffic which by defination cannot be analysed. They therefore use Big Data (AI and ML) to calculate if anomolies in the traffic patterns are suspicious and therefore raise vast numbers of false alerts which all need to be investigated by your security teams. ACSIA works by analysing system logs, so any reported security incident are+K15 real security threats, with exceptionally level of false positives. |
| Does the product include cybersecurity remediation? | ✔ | The ability to detect and remediate cybersecurity threats enables end users to automate or manually select the recommendations provided by the cyberdefense platform. |
| Can the product detect Kernel processes for abnormal behaviour (Linux)? | ✔ | The kernel is at the core of a computer’s operating system and maintains complete control over everything single operation of the system. It is the portion of the operating system code that is always resident in memory and facilitates interactions between all hardware and software components. No process can be executed without userspace or systemspace activity in the Kernel. Including a Kernel monitoring capability enables granular levels of monitoring to be performed and allows malicious activity to be reported and remediated. |
| Does the product provide file integrity checks? | ✔ | File integrity monitoring is an internal control or process that performs the act of validating the integrity of operating system and application software files using a verification method between the current file state and a known, good baseline. |
| Is the product provided with a Web & Mobile User Interface? | ✔ | Cybersecurity management can be performed anywhere on a smart device and not only on a desktop device. |
| Will the product minimize workload and deliver predictable running costs? | ✔ | Some products require addional spend by user/seat/GB and become more expensive as the environment grows |
| Is the product suitable for SMB and Enterprise Deployment? | ✔ | ACSIA is cyberdefense solution that scales linearly from SMB to Enterprise environments. The product does not impose a performance overhead that is common with security products that require Client Agents to be deployed. The ACSIA core application server can be deployed on a 2-core server and use opensource technology, so we do not have the expensive costs associated with proprietary solutions that makes a small deployment prohibitively expensive. The product can therefore be deployed quickly in SMB and Enterprise environments alike. |
| Can the product be Installed in less than 1 hour? | ✔ | The simplicity of installation is a reflection on the complexity of the product to operate and manage. ACSIA is typically installed in 20 minutes. |
| Does the product eliminate the need for daily/routine maintenance updates? | ✔ | Unlike most products, ACSIA is not dependent on malware signature updates and requires very occasional software updates to the application. This means that your cyberdefence is not depricated due to regular malware signature update failures, and requires less operational management to maintain than other products. |
| Will the product operate in Air-gapped Network? | ✔ | This is a specific requirement for a limited number of customer requirements who segment their network and have an ‘air gap’ between an externally facing public networks and their internal network. ACSIA is not dependent on malware signature updates and uses monitoring of logs and advanced analytical algorithims to detect and remediate threats and will operate with only very occasional software updates to the application. |
| Does the base product come with predictive cyber defense (threat intelligence) capability included? | ✔ | A predictive cyber defensive solution is aware of billions of threats such as sources of malicious IP Addresses or sources of malware, and will proactively blocks requests emanating from these locations from accessing your environment. This significantly reduces the vectors of attack, as predictive defense will obfuscate an environment from these cyber criminals. |
| Does the vendor have a Threat Intelligence product that recognizes anonymous networks such as TOR exit nodes and block them? | ✔ | Access from anonymous networks into an environment is an obvious threat that should be prevented. A predictive cyber security product must be able to block traffic originating from anonymous networks such as TOR. |
| Does the vendor have a Threat Intelligence product that contains an IP reputation classification and blocking capability? | ✔ | A predictive cyber defense solution must contain a threat intelligence online feed service which classifies IP addresses with a reputation scoring. Originating traffic from IP addresses with a high reputational score (major threat level) should always be proactively blocked from accessing an environment. |
| Does the vendor have a Threat Intelligence product that can identify and block malicious URLs that are trying to make outbound connections? | ✔ | A predictive cyber defense solution should contain an online feed of malicious URLs which are typically used in order to donwload and deploy malware (common with email phishing containing malware URL/link) and block the links. |
| Product Pricing | $ | Typical price scale of various cyber security products. |
| Infrastructure Costs to Host Solution | $ | Some Cyber Security products require large infrastructure footprints to host. This is a comparative costing for each product infrastructure requirements. |
| Installation/deployment Costs | Free | Some Cyber Security products require a long, complex and costly deployment cost. This is a comparative pricing for each product deployment cost. |
| Operational Costs | $ | Most Cyber Security solutions generate large numbers of false positives alerts that need to be investigated by trained Security Specialists & Consultants. Only ACSIA eliminates these erroneous alerts (by over 95%) resulting in low operational/management costs. |