The product is fairly new compared to others like Trend Micro or Symantec. However, it offers sophisticated features, especially in scanning and analyzing activities on workstations or servers. It can prevent malicious operations from spreading to other applications or the network. This feature is particularly effective because it operates at the IO level, unlike behavior or signature analysis used by other products. It contains threats and alerts administrators about whether they are false positives or real threats that need immediate action or support recommendations.
I think having a higher level of MDR would be beneficial, although it's quite expensive. This would involve not just monitoring the network but also taking actions to stop and detect threats. We haven't implemented this yet, but we're considering it for our organization's plans.
