With RDS, we classify two types of severity: Incidents are suspected breaches, which can consist of a single high severity detection or several medium or low detections. Detections can be either high, medium, or low. The Rapid Detection and Response Service uses the data, as well as our human expertise to respond to the severity in the appropriate way. For example, we report on all detections in the portal and send our customers email notification. If a detection is elevated to an incident, we notify our customers by phone, as well as providing them with the event data from the portal. ... View more

F-Secure Rapid Detection & Response Service (RDS) is a managed intrusion detection and response service that combines the best technology with the best security experts. Advanced Persistent Threats (APT) and cyber threats are already an extremely costly problem for companies. Defending against these attacks requires both the latest technological solutions and the expertise to analyze and understand the available data. Rapid Detection & Response Service has been specifically designed to meet the rapidly changing security landscape, where the commoditization of attack tools and processes now allows cyber criminals to focus on individual companies. By combining technology and experts, we are able to cut the time from detection to response to a minimum and make it easy for customers to adopt our service. Detection is based on lightweight sensors - available for workstations and servers (Windows, Mac, Linux) as well as networks (honeypots and network sensors - passive network monitors) - that send all the collected data to our security cloud. Saving the data from the sensors to our cloud allows us not just to do real-time detection, but also to make detections based on applying new rules to old data. ... View more

Operating system The RDS Windows sensor supports both 32-bit and 64-bit platforms and is designed to run on both client and server versions of the Microsoft Windows operating system. Supported client operating systems: Windows 7 (with KB3033929) Windows 8 Windows 8.1 Windows 10 Supported server operating systems: Windows 2008 R2 (with KB3033929) Windows 2012 Windows 2012 R2 Windows 2016 Processor and memory Given the lightweight nature of the RDS sensor, there are no significant requirements regarding CPU and RAM; any machine capable of properly running the supported versions of the operating system should be able to run the client sensor without any noticeable impact. Disk space To optimize the data collection and ensure that no activity is lost even when the machine is disconnected from the backend system, the RDS Windows sensor uses a local database to store the data that it collects. The upper limit for this local storage is 100 megabytes by default, meaning that any machine with over 100 megabytes of free space is suitable for installation. Note: The sensor and its database are stored on the primary partition of the hard drive. ... View more

Operating system The RDS Mac sensor supports the following versions of the macOS operating systems: macOS 10.13 (High Sierra) macOS 10.12 (Sierra) OS X 10.11 (El Capitan) Processor Given the lightweight nature of the RDS sensor, there are no significant requirements regarding the CPU. Memory The RDS Mac sensor's performance relies heavily on RAM buffers. A typical Mac sensor's RAM consumption is 20 MB, however in some rare circumstances (for example, when the server is under high load or there is a long network break), the sensor may use 100 MB of RAM. Disk space Typically, disk space usage is less than 20 MB. ... View more

Operating system The RDS Linux sensor is designed to run on any recent major version of the following 64-bit (amd64) linux distributions. Note: Containers are not supported. Supported operating systems: CentOS 6 CentOS 7 RHEL 6 RHEL 7 AMI Linux Debian 7 Debian 8 Ubuntu 16.04 Processor Given the lightweight nature of the RDS sensor, there are no significant requirements regarding the CPU; any machine capable of properly running the supported versions of the operating system should be able to run the client sensor without any noticeable impact. Memory The RDS Linux sensor's performance relies heavily on RAM buffers. A typical Linux sensor's RAM consumption is 100 MB, however in some rare circumstances (for example, when the server is under high load or there is a long network break), the sensor may use 500 MB of RAM. Disk space Typically, disk space usage is less than 20 MB. ... View more

For servers, we are currently able to collect the necessary data with our generic sensors, so there is no need for separate server sensors. ... View more

When an update to the RDS sensors is available, F-Secure notifies your organization. The notification includes a changelog, as well as instructions on how to retrieve the updated package. Testing of the updated package should proceed as described for manual installation. To update the sensors, install the new package over the existing installation, exactly as if it was a completely new installation. This means that you do not have to uninstall anything or perform any other cleanup tasks. No restart is required. ... View more

No. RDS only works with a working internet connection, as it is a cloud solution. However, proxy support is available. ... View more

Symptoms After the firmware update in version 1.7.104.20, port forwarding rules are not working. Diagnosis This issue is due to the recent enablement of the multicasting functionality in firmware version 1.7.104.20, which causes user-defined port forwarding rules to be overwritten by a new IP table rule. Solution Set up port forwarding rules again. Please refer to this article on how to set port forwarding. ... View more

With a TOTAL subscription, the number of KEY licenses is determined by your TOTAL subscription. For example, if your TOTAL subscription covers 5 devices, this means five different users can use KEY on their devices. These five users can then sync their passwords with an unlimited number of devices. Related information What is F-Secure KEY? What is an F-Secure KEY Master Password? F-Secure KEY in a nutshell How does F-Secure TOTAL licensing work? ... View more

This article in other languages: Finnish, Swedish, Danish, Norwegian, German, French, Italian, Japanese, Dutch, Polish. This article only applies to you if you have an F-Secure TOTAL subscription. With TOTAL, you can order your SENSE router in the following countries: Austria Belgium Denmark Finland France Germany Netherlands Norway Sweden United Kingdom United States Related information How do I order a SENSE router after purchasing F-Secure TOTAL? ... View more

This article in other languages: Finnish, Swedish, Danish, Norwegian, German, French, Italian, Dutch. F-Secure TOTAL now comes with SENSE home protection. If you have purchased TOTAL, you first need to buy the SENSE router to take your home protection into use. You can do this as follows: Log in to your My F-Secure account. Select Subscription in the top bar. Next to F-Secure SENSE, select Buy. This takes you to the shopping cart. In Shipping information, enter your shipping and payment details, then select Continue. In Confirm order, check (and update if needed) the shipping information, billing address and payment details, then select Buy now. Your order is processed and a confirmation email is sent to you with tracking details. Note: Your SENSE router will be delivered by courier. Therefore, please double-check and modify, if needed, all the pre-filled and payment details in order for you to receive the parcel successfully. Related information I already have SENSE. Can I add it to my TOTAL subscription? How does F-Secure TOTAL licensing work? ... View more

This article in other languages: Finnish, Swedish, Danish, Norwegian, German, French, Italian, Dutch. F-Secure TOTAL now comes with SENSE home protection. Also new to TOTAL is F-Secure KEY -- an easy password manager that allows you to store passwords securely. If you already have F-Secure SENSE and want to have F-Secure TOTAL as well, we are now offering you 6 months of free TOTAL, which comes with the newly added KEY and home protection, as well as F-Secure FREEDOME VPN. For us to activate this for you, all you need to do is contact F-Secure Customer Support, provide us with your SENSE serial number and the email address with which you access your My F-Secure account, and we will sort this out for you. We will add SENSE to your TOTAL subscription so that you can manage all your F-Secure products in My F-Secure. Important: If your current SENSE subscription is longer than the free six-month TOTAL offer, the length of your SENSE subscription will be synced with the TOTAL subscription. In other words, if you want to keep your current SENSE subscription until its original expiry date, add your SENSE to your TOTAL subscription only when your current SENSE subscription is about to end. Related information What is F-Secure TOTAL? ... View more

This article in other languages: Finnish, Swedish, Danish, German, French, Italian. If you already have F-Secure KEY installed and have upgraded to a TOTAL subscription, you are able to link your password data to your TOTAL subscription. To do this, activate your TOTAL subscription in the KEY app as follows: Open the application and sign in with your master password. Select Subscription in the main Menu bar (top left). Select Choose a provider, then F-Secure. This takes you to the My F-Secure log-in page. Fill in your credentials and select Log in. Once logged in, your subscription details appear. Your password data is now linked to your TOTAL subscription. Note: If you do not see F-Secure in Subscription > Choose a provider , update your F-Secure KEY software via My F-Secure, or if a mobile device, via the respective app store. Related information How do I take F-Secure TOTAL into use? What is F-Secure TOTAL? ... View more

This article in other languages: Finnish, Swedish, Danish, Norwegian, German, French, Italian, Japanese, Dutch, Polish. Symptoms When visiting a banking site, the Banking protection banner does not appear. Diagnosis There are a few possibilities why Banking protection may not activate when visiting a banking site. For example: Right after starting your PC, and to help your PC start faster, our product waits a moment before it loads the user interface (UI). If you start your banking session immediately after starting your PC, the UI may not appear right away. There is a 60 second 'cool down' period after ending the previous banking session. If you start a new session during this time, banking protection is not activated. The product may have been upgraded in the background. Your online bank may not be listed in our database. Solution To help troubleshoot, do the following: Ensure that you are using a supported browser: Internet Explorer 11, Mozilla Firefox (2 latest major versions), Google Chrome (2 latest major versions). Note: Microsoft Edge is not supported due to lack of browser plugin for Edge. Check that Banking protection is enabled in the settings: Open the F-Secure security product. Select Settings > Secure Browsing. Under Banking protection, click on the slider to turn on Banking protection. Note: You need administrative rights to change the settings. If the product has been upgraded, restart the browser and try accessing your online bank again. Turn off and on the product security features: Open the F-Secure security product. Select Tools > Turn off all security features. Select Turn off. Note: You need administrative rights to change the settings. On the product main page, select Turn on to re-enable all security features. Check that the browsing protection extension is enabled in the browser you are using: In Mozilla Firefox: see article How do I enable the browsing protection extension in Firefox? In Google Chrome: see article How do I enable the browsing protection extension in Chrome? In Microsoft Internet Explorer: see article How do I enable the browsing protection extension in Internet Explorer on a Windows computer? If the browsing protection extension is not listed in your browser, you need to reinstall the extension manually: Open your F-Secure security product. Select Settings > Secure Browsing. Under Browser extensions, click Reinstall extensions. You need administrative rights to change the settings. Note: Google Chrome may require that you reinstall the extension from Chrome Web Store. Try entering another online bank and if it works, then your online bank is most likely not included in our database. If this is the case, submit your online bank to our Labs for analysis as follows: Go to Submit a Sample. Under the URL Sample tab, paste in your online bank's web address (URL) into the Sample URL or IP address text box. Check the I want to give more details about this sample and to be notified of the analysis results box and fill in the contact form. Under URL type, select Banking Protection related issue or problem. Under Problem type, select Banking session does not activate when entering site. Give your sample a subject and description, prove that you are not a robot, and click Submit URL sample. If the issue persists, re-installation of the F-Secure product may be required. ... View more

Symptoms The subscription details showing in My F-Secure and in the SAFE app do not match. Diagnosis This may happen if you have previously had another My F-Secure account using a different email address; for example, you have previously had a trial account. Now with your current subscription, you have a new account. Both accounts are under the same name, but use different email addresses. When you reinstall SAFE on your devices using your new account and subscription, the SAFE app still identifies your other account and is unable to display the subscription details connected to the new account. Solution To connect the SAFE app with your new account and to get the app to show the correct subscription details, do the following for your different devices: On your PC: Log in to My F-Secure using your new My F-Secure account credentials. Click Add device, and then follow the prompts on the screen. When prompted, click Restart, then Next. Click Continue, then Accept and install. On your Mac: Uninstall the software. Log in to My F-Secure using your new My F-Secure account credentials. Follow the prompts on the screen, and re-install SAFE on your devices. On your Android device/s: Open up the app on your Android device. Go to Menu > Settings. Scroll down to My F-Secure account, tap My F-Secure account, then Log out the current user. Tap Log out to confirm. Log in to My F-Secure using your new My F-Secure account credentials. Install SAFE on your devices. On your iOS device/s: Open up the app on your iOS device. Go to Menu > Settings, then tap Logout. Click on Logout from My F-Secure. Log in to My F-Secure using your new My F-Secure account credentials. Install SAFE on your devices. The SAFE app is now connected to your new account. If, after trying this, your new subscription details are still not visible, please contact our Customer Support. ... View more

This article in other languages: Finnish, Swedish, Danish, Norwegian, German, French, Italian, Japanese, Dutch, Polish. Android 4.x support for F-Secure SAFE, as well as support for earlier Android 4.x operating system versions has come to an end in February, 2018. The decision to discontinue Android 4.x support follows Google's own decision to discontinue its support for the last Android version in the 4.x series, Android 4.4 (KitKat), which it no longer provides security patches for. What does end of support mean? End of support means that if our security product is installed on an Android 4.x operating system, we cannot guarantee the protection on that device. As Android 4.x support for F-Secure SAFE has ended, this means that -- if your Android device is running an Android 4.x version -- your device will no longer receive the necessary security updates and may be more open to security vulnerabilities as a result. What should I do? To stay safe, we highly recommend that you upgrade your Android operating system to an Android version that receives security updates. The most recent operating system version always provides the best protection technologies and is fully maintained by the vendor, receiving timely security updates and improvements. What happens to my software after end of support? If you have a valid license for our security product and you upgrade your device operating system, your existing license is still valid for the supported platforms. Note: To check the system requirements for our home security product, please take a look at these articles: What are the system requirements for F-Secure SAFE? ... View more

The new release of SENSE firmware version 1.7.6.56 forces a reboot of the SENSE router, updating your SENSE router with changes to the subscription validity period. Released June, 2018 ... View more

SENSE comes with the F-Secure TOTAL package that includes F-Secure SAFE, F-Secure VPN and the F-Secure KEY password manager. If you have already bought a SENSE subscription before it was part of TOTAL, we are happy to inform you that we will renew your SENSE subscription for free after the first year, and it will remain free for the foreseeable future. We will notify you well in advance if this changes. Your SENSE app currently shows the subscription validity period until a specified date. As the subscription will change to an ongoing subscription, the validity date of your subscription will no longer be visible. Some customers may, however, see a validity period set in the app in the distant future. This date is there for technical reasons only and does not necessarily reflect an actual time period for the subscription. We kindly ask you to update your SENSE app if you do not have automatic updates set. If you are running an unsupported operating system version, such as Android 4, and there are no app updates available any more, we recommend upgrading your device. This change in the subscription will also force a firmware update in your SENSE router, followed by a reboot as usual. We welcome all your feedback. Please get in touch via the F-Secure SENSE Community. ... View more

This article applies to the following F-Secure products: Computer Protection, PSB portal, Policy Manager. Application control is a premium feature that strengthens your protection for the installation and launch of applications, installers, and scripts. Predefined rules designed by F-Secure security experts block many of the common attack vectors of existing malware. In Application control, you can also add your own rules by selecting Add exclusion. Before deploying a new block rule, consider setting the rule action to Allow and monitor. All the application events matching the rule are reported in the Applications tab in the device details view. When creating a new rule, note that the order of the rule is important. For example, you may create a specific allow rule before a generic block rule to allow a specific application to run. You can use the arrows in the profile editor to change the rules order. Here we outline ways in which Application control offers prevention from attack vectors, such as common zero days and targeted attacks. The 3 main scenarios are: Prevent Microsoft Office exploit vulnerabilities; Block unwanted applications; and Restrict vulnerable applications by version. Prevent Microsoft Office exploit vulnerabilities With malware exploits using MS Office vulnerabilities on the rise, it is becoming more common that malware of this type is being spread via documents arriving into a company network. Once the malware gets in, it can set itself up on the victim host and may also launch a new process, such as a PowerShell scripting engine. As an admin, you can therefore increase the security of your organization and block Microsoft Office programs from starting other apps. This type of restriction does not affect a normal user's work, as Microsoft Office applications do not usually start other apps. To explain the rule further: The Parent path parameter refers to the application launcher, for example, winword.exe . Note: The exclusion rule expects that Microsoft Office is installed under the default location and uses the %Program files% environment variable. Application control supports system and user environment variables. The Target command line parameter restricts the rule further by blocking only the powershell.exe processes. Note: To block any application from starting in MS Office, remove the second parameter. As powershell.exe is commonly used to configure workstation settings - if needed, you can then create an additional rule that disables the powershell.exe restriction, but allows only your own personal scripts. In the screenshot, we assume that your management scripts are stored under c:\myscripts . The exclusion rule explicitly allows powershell.exe, if its condition is c:\myscripts\ . For example: powershell C:\myscripts\login.ps1 Note: The exclusion rule uses the "contains" condition to match paths, such as: c:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe This condition may accidentally match the " c:\powershell.exe\myprogram.exe " path. An alternative option is to specify the exact match with the "equal to value" as in: " %SystemRoot%\WindowsPowerShell\v1.0\powershell.exe ", or use the "ends with" condition. Block unwanted applications Application control can also help with blocking unwanted applications; for example, games. The following example shows how to block the installation of Steam games. This rule is specified for MSI installers and blocks by installer subject, which is found in the Properties file: Application control allows you to specify rules for different meta properties of an application. The following example demonstrates blocking Spotify by copyright text: This rule blocks Spotify from starting regardless of where the file is installed. These properties are visible in the file details: Restrict vulnerable applications by version Application control is useful for restricting vulnerable applications from running, for example, to block an unpatched version. As an example, CCleaner has fixed a critical vulnerability in the latest version 5.42.148.6499 and any older versions can be blocked. The condition for the target file version 'is less or equal to 5.41.*.*' The asterisk field indicates that only major and minor fields are used in comparison. As "CCleaner" is in the Target file description, the program is blocked regardless of the file name or its location. Tip: To find the file version, check the Properties file. Related information Reputation and prevalence properties used in Application Control rules Adding an exclusion rule in Policy Manager Adding an exclusion rule in PSB portal ... View more

Products affected: Client Security 13.10 Problem: By enabling restricted access in DataGuard to allow only trusted applications to modify the protected data, the trusted applications running from the directory, C:\Program Files, or C:\Program Files (x86), are unable to modify the data in the protected folders. Visible effects: A notification with the message "Modification attempt blocked" is shown. Workaround: Adding C:\PROGRA~2\ and C:\PROGRA~1\ to the trusted applications list via the Policy Manager Console at: * F-Secure DeepGuard > Settings > Features > DataGuard > Restricted access > Trusted applications ETA: Unconfirmed. We will update this page as new information becomes available. Internal reference: CTS-100596 ... View more

This article in other languages: Finnish, Swedish, Danish, Norwegian, German, French, Japanese. This article applies to the following FREEDOME multi-device subscriptions: FREEDOME subscription code in this format: AAAA-BBBB-CCCC F-Secure TOTAL subscription For FREEDOME subscription code As an example, if you have a 5-device FREEDOME subscription, and you insert your subscription code on a 6th device, you get the Transfer prompt. Transfer the license as follows: Click Transfer, and the following happens: All of the licenses available with your multi-device subscription are released from your devices. The device on which you are transfering the license, get the first available license from your subscription. Your previous devices using the same subscription code automatically get the available remaining licenses when they connect to the FREEDOME servers on a first come first serve basis. If you have installed FREEDOME on more devices than the licenses available with your subscription, the last device to connect to the FREEDOME servers does not obtain a license and remains expired. OR Click Cancel, if you do not wish to transfer a license. This ensures that no license is transferred, and FREEDOME continues to work on your other devices. Note: FREEDOME allows you to perform a license transfer a maximum of 4 times during a 7-day period. When you reach this limit, you are unable to transfer a license for 7 days from the first transfer. For F-Secure TOTAL subscription Log in to My F-Secure with your account username and password. Select the FREEDOME VPN tab. Locate the device you want to release FREEDOME license from, and select Release license. Related information FREEDOME VPN subscription options How does the FREEDOME license period work? ... View more

Aside from detecting threats based on system and network behaviors as well as events, F-Secure Rapid Detection & Response (RDR) provides system administrators the visibility of all applications that are launched (not limited to installed applications) in the managed IT environment with the Application Inventory feature. The feature utilizes F-Secure's reputational data that allows you to immediately list all harmful or otherwise unwanted applications and cloud services, and foreign destinations of those applications with questionable reputation. You can easily restrict potentially harmful applications and cloud services even before data breaches happen. Application Inventory lists the following information about assets/hosts and applications: Assets/Hosts: Importance, host names, IP address, Company name, number of detection per host, OS distribution, RDR client version used Application: Most used, harmful, potentially unwanted, unknown Application Reputation: Safe/Harmful/Potentially unwanted/Privacy risk Application version Related information What is the difference between RDR and RDS? Key features of F-Secure Rapid Detection & Response ... View more

F-Secure Rapid Detection & Response (RDR) monitors endpoints (assets) and network events which are analyzed in real-time using real-time behavioral, reputational and big data analysis. The focus is to provide useful endpoint visibility coupled with the right insights to help businesses to respond to threats promptly with built-in automation and guidance based on the latest threat intelligence. In the event of a detection, F-Secure Rapid Detection & Response is able to respond in the following ways: Capabilities Details Automatic/manual email alerts and notifications Email alerts are sent to admins or users of affected companies from the portal. The email is pre-filled with basic information regarding a detection such as attack category, risk level, confidence level, impact criticality and number of affected hosts. Recommended actions (Available for partners only) Remediation recommendations and suggestions from F-Secure. Elevate to F-Secure (Available for partners only) Elevate and get help from F-Secure Rapid Detection Service team to deal with the most advanced cyber attacks with confidence. Host isolation (Not yet available in RDR Core) Automatically isolate the affected host from network. Note: Additional response capabilities are being developed and prioritized jointly with partners based on their feedback and requirements. Related information Key features of F-Secure Rapid Detection & Response What other functionality other than detecting threats is available in RDR? ... View more

F-Secure Rapid Detection & Response (RDR) and F-Secure Rapid Detection & Response Service (RDS) are both detection and response services concerned with addressing advanced and targeted cyber attacks in a rapidly evolving threat landscape. One of the main differences between the services is in the delivery. RDR is a 100% partner driven detection and response service with the incident response time based on the customer's own or the local partner's Service Level Agreement (SLA). RDS, on the other hand, is a 365/24/7 service powered by F-Secure's cyber security experts with a post-compromise response time of 30 minutes. F-Secure Rapid Detection & Response (RDR) provides partners with the opportunity to handle the incident management and response aspect of the service themselves after undergoing training provided by F-Secure. All RDR service providers are always backed by the latest threat intelligence gathered by F-Secure Rapid Detection & Response Service (RDS). With the detection and response activities managed by certified service providers, customers can focus on their business and rely on expert guidance whenever under attack. Related information What is F-Secure Rapid Detection & Response (RDR)? Why F-Secure Rapid Detection & Response (RDR)? ... View more

EDR stands for Endpoint Detection and Response (EDR). Endpoint Detection Response (EDR) solutions are designed to continuously monitor and respond to advanced internet threats. They do this by installing agents or sensors on the endpoints, which collect and send behavioral data to a central database for analysis. Using analytics tools, EDR solutions are able to identify patterns and detect anomalies, which can then be automated to send alerts for remedial action or further investigation. F-Secure's EDR solution is F-Secure Rapid Detection & Response. MDR stands for Managed Detection and Response (MDR), which is a managed cybersecurity service that generally provides a 24/7 service for threat detection, response, and remediation. This type of service takes the weight off a company's shoulders in terms of threat and incident management and is a good solution if cyber expertise is not available in-house. F-Secure's MDR solution is F-Secure Rapid Detection & Response Service. Related information What is F-Secure Rapid Detection & Response (RDR)? Why F-Secure Rapid Detection & Response (RDR)? How do EDR solutions differ to endpoint protection products (EPP)? ... View more

Understanding the scope of a targeted attack is easy with a broad context of detections visualized on a timeline that includes all impacted hosts, relevant events and recommended actions. The service uses real-time behavioral reputational and big data analysis to automatically place detections into the context, and to include risk levels, affected host criticality and prevailing threat landscape. Natively designed for real-life orchestrated, polymorphic attacks Incidents are placed in the context of prevalent situations Combines risk level, affected asset groups and prevailing threat landscape Detects root causes based on a flow of disparate events from a multitude of hosts The Broad Context Detection is supported by Machine Learning engine that learns to distinguish attacks from the noise. The engine works so that all the past decisions (False positive/True positive) create a training set for the engine. All the newly coming detections are being investigated to determine how likely it is that the new detection (based on historical detections) is a false positive. Related information What data does the RDR sensor collect? What kind of response capabilities are available in F-Secure Rapid Detection & Response? What other functionality other than detecting threats is available in RDR? ... View more

The F-Secure Rapid Detection & Response (RDR) sensor collects event-based data such as: file accesses process creations network connections registry writes system log entries relevant to detecting security breaches extracts of scripts derived from run-time execution The sensor does not collect sensitive information such as documents, other files or content. These data are sent to the F-Secure Rapid Detection & Response Portal using secure connections (HTTPS) and the current estimate of data transmission is approximately 30MB per sensor/day. Related information What is Broad Context Detection? What other functionality other than detecting threats is available in RDR? What kind of response capabilities are available in F-Secure Rapid Detection & Response? ... View more

Endpoint Detection and Response (EDR) solutions and endpoint protection products (EPP) serve different purposes in the threat landscape. EPP products can only identify and block known threats; for example, by scanning the endpoint for malware. EDR solutions, on the other hand, are designed to detect abnormal activity on endpoints by installing sensors or agents, which then gather behavioral data to detect unknown malware vulnerabilities. This data is continually monitored, and most EDR solutions offer dashboard and report capabilities that alert you if a threat has been detected. EPP products and EDR solutions will co-exist for some time going forward to ensure comprehensive protection for all eventualities. For F-Secure's EDR solution, see F-Secure Rapid Detection and Response. Related information What is F-Secure Rapid Detection & Response (RDR)? What is the difference between RDR and RDS? Why F-Secure Rapid Detection & Response (RDR)? ... View more